Vulnslist

find the latest Cisco vulnerabilities

Cisco SD-WAN Software Privilege Escalation Vulnerabilities

cisco-sa-sd-wan-priv-E6e8tEdF · High · Published · Updated

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2022-20775, CVE-2022-20818
Cisco Bug IDsCSCwa52793, CSCwb54198
CVSS ScoreBase 7.8
Base 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Catalyst SD-WAN, Cisco Catalyst SD-WAN Manager, Cisco SD-WAN vEdge Router, Cisco SD-WAN vEdge Cloud, Cisco SD-WAN vContainer

Related Products

Product CVE Evidence
Cisco vEdge Routers CVE-2022-20775 Cisco OpenVuln
Cisco SD-WAN CVE-2022-20775 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2022-20775 Cisco OpenVuln
Cisco Catalyst SD-WAN Software CVE-2022-20775 Cisco OpenVuln
Cisco SD-WAN vEdge Router CVE-2022-20775 Cisco OpenVuln
Cisco SD-WAN vEdge Cloud CVE-2022-20775 Cisco OpenVuln
Cisco SD-WAN vContainer CVE-2022-20775 Cisco OpenVuln
Cisco Catalyst SD-WAN Manager CVE-2022-20775 Cisco OpenVuln
Cisco Catalyst SD-WAN CVE-2022-20775 Cisco OpenVuln
Cisco vEdge Routers CVE-2022-20818 Cisco OpenVuln
Cisco SD-WAN CVE-2022-20818 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2022-20818 Cisco OpenVuln
Cisco Catalyst SD-WAN Software CVE-2022-20818 Cisco OpenVuln
Cisco SD-WAN vEdge Router CVE-2022-20818 Cisco OpenVuln
Cisco SD-WAN vEdge Cloud CVE-2022-20818 Cisco OpenVuln
Cisco SD-WAN vContainer CVE-2022-20818 Cisco OpenVuln
Cisco Catalyst SD-WAN Manager CVE-2022-20818 Cisco OpenVuln
Cisco Catalyst SD-WAN CVE-2022-20818 Cisco OpenVuln