CVE-2022-20630

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs through the CLI. A successful exploit could allow the attacker to retrieve sensitive information that includes user credentials.

Severity	MEDIUM
CVSS	4.4
EPSS	0.06% EPSS low
CWE	CWE-200
KEV
Published	4 years ago
Modified	10 months ago

Public Affected Products

Product	Advisory	Evidence
Cisco Digital Network Architecture Center (DNA Center)	cisco-sa-dnac-info-disc-8QEynKEj	Cisco CSAF · structured affected