Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

CVE-2022-20655

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

SeverityHIGH
CVSS8.8
CWECWE-78
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco Ultra Gateway Platform cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco IOS cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Integrated Services Virtual Router cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco 4000 Series Integrated Services Routers cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco 1000 Series Integrated Services Routers cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Cloud Services Router 1000V Series cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Virtual Topology System (VTS) cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco SD-WAN vEdge Router cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Network Services Orchestrator cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco IOS XR Software cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco IOS XE Catalyst SD-WAN cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Enterprise NFV Infrastructure Software cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco ConfD cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Catalyst SD-WAN Manager cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Catalyst SD-WAN cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Carrier Packet Transport cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco ASR 1000 Series Aggregation Services Routers cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln
Cisco Catalyst 9600 Series Switches cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln · software-dependent
Cisco Catalyst 9200 Series Switches cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln · software-dependent
Cisco Catalyst 9300 Series Switches cisco-sa-cli-cmdinj-4MttWZPB Cisco OpenVuln · software-dependent