Cisco

Advisory	Title	Published
2022-06-22	Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability	June 22, 2022
2022-06-22	Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability	June 22, 2022
2022-06-15	Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability	June 15, 2022
2022-06-15	Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability	June 15, 2022
2022-06-15	Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability	June 15, 2022
2022-06-15	Cisco AppDynamics Controller Authorization Bypass Vulnerability	June 15, 2022
2022-06-15	Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability	June 15, 2022
2022-06-15	Cisco Identity Services Engine Authentication Bypass Vulnerability	June 15, 2022
2022-06-15	Cisco IP Phone Duplicate Key Vulnerability	June 15, 2022
2022-05-20	Cisco IOS XR Software Health Check Open Port Vulnerability	May 20, 2022

@cisco Tweets

At #CiscoLive, we introduced new #HybridWork products and innovations to provide flexibility and simplicity. Learn… https://t.co/L7IINPMSSP
Fri Jun 24 13:08:13 +0000 2022

#DYK: There are 29 active situations involving refugees with a resounding impact upon 149 countries. That is why Ci… https://t.co/mASaJjNLmj
Fri Jun 24 08:08:00 +0000 2022

"Good things come when powerhouse companies form tight relationships, share common goals, and make amazing things h… https://t.co/RPZA0ztv6k
Thu Jun 23 13:08:25 +0000 2022

Life doesn't stop when you start work. So how do we prioritise #wellbeing daily? Easier said than done, right?��‍♀️… https://t.co/39VVymvvsF
Thu Jun 23 08:08:00 +0000 2022

"Cisco+ Secure Connect Now is a simple, secure, intelligent service that allows you to connect users and applicatio… https://t.co/eJdg7AGtd4
Thu Jun 23 01:08:00 +0000 2022

By the Year

In 2022 there have been 160 vulnerabilities in Cisco with an average score of 7.0 out of ten. Last year Cisco had 540 security vulnerabilities published. Right now, Cisco is on track to have less security vulnerabilities in 2022 than it did last year. However, the average CVE base score of the vulnerabilities in 2022 is greater by 0.22.

Year	Vulnerabilities	Average Score
2022	160	7.05
2021	540	6.83
2020	323	6.84
2019	359	6.91
2018	354	7.20

It may take a day or so for new Cisco vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Cisco Security Vulnerabilities

A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could

CVE-2022-20828 - June 24, 2022

A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco ASA that is hosting the ASA FirePOWER module. Note: To exploit this vulnerability, the attacker must have administrative access to the Cisco ASA. A user who has administrative access to a particular Cisco ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco ASA.

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image

CVE-2022-20829 - June 24, 2022

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco ASA Software. This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine. Notes: To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco ASA Software. Potential targets are limited to users who manage the same device that is running Cisco ASA Software using ASDM. Cisco has released and will release software updates that address this vulnerability.

A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could

CVE-2022-20651 - June 22, 2022

A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. Cisco ADSM must be deployed in a shared workstation environment for this issue to be exploited. This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view the credentials of other users of the shared device.

A vulnerability in Cisco Unified IP Phones could

CVE-2022-20817 - June 15, 2022

A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.

A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could

CVE-2022-20664 - June 15, 2022

A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could

CVE-2022-20819 6.5 - Medium - June 15, 2022

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information about the system configuration.

Improper Privilege Management

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could

CVE-2022-20825 9.8 - Critical - June 15, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Cisco has not released software updates that address this vulnerability.

Improper Input Validation

A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could

CVE-2022-20798 - June 15, 2022

A vulnerability in the external authentication functionality of Cisco Secure Email and Web Manager, formerly known as Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device. This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.

A vulnerability in the login page of Cisco Identity Services Engine (ISE) could

CVE-2022-20733 9.8 - Critical - June 15, 2022

A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions.

authentification

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console

CVE-2022-20736 - June 15, 2022

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability.

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20674 6.1 - Medium - May 27, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20673 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20672 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20671 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20670 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20669 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20668 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20667 6.1 - Medium - May 27, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could

CVE-2022-20666 6.1 - Medium - May 27, 2022

XSS

A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could

CVE-2022-20802 5.4 - Medium - May 27, 2022

A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input that is processed by the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface or access sensitive, browser-based information. To successfully exploit this vulnerability, an attacker would need valid agent credentials.

XSS

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could

CVE-2022-20807 6.5 - Medium - May 27, 2022

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Insertion of Sensitive Information into Log File

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could

CVE-2022-20806 7.1 - High - May 27, 2022

Insertion of Sensitive Information into Log File

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could

CVE-2022-20797 9.1 - Critical - May 27, 2022

A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to insufficient user input validation by the web-based management interface of the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands in the web-based management interface. A successful exploit could allow the attacker to make configuration changes on the affected device or cause certain services to restart unexpectedly.

Shell injection

A vulnerability in the web applications of Cisco UCS Director could

CVE-2022-20765 4.8 - Medium - May 27, 2022

A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. This vulnerability is due to unsanitized user input. An attacker could exploit this vulnerability by submitting custom JavaScript to affected web applications. A successful exploit could allow the attacker to rewrite web page content, access sensitive information stored in the applications, and alter data by submitting forms.

XSS

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance

CVE-2022-20821 6.5 - Medium - May 26, 2022

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system.

Information Disclosure

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could

CVE-2022-20809 6.5 - Medium - May 26, 2022

Insertion of Sensitive Information into Log File

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could

CVE-2022-20794 4.7 - Medium - May 04, 2022

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.

Open Redirect

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could

CVE-2022-20764 8.1 - High - May 04, 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could

CVE-2022-20771 7.5 - High - May 04, 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could

CVE-2022-20770 7.5 - High - May 04, 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could

CVE-2022-20796 5.5 - Medium - May 04, 2022

On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.

Buffer Overflow

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could

CVE-2022-20785 7.5 - High - May 04, 2022

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Memory Leak

A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could

CVE-2022-20753 7.2 - High - May 04, 2022

A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute remote code on the affected device. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.

Memory Corruption

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could

CVE-2022-20801 7.2 - High - May 04, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of the affected device. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device.

Command Injection

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could

CVE-2022-20799 7.2 - High - May 04, 2022

Command Injection

A vulnerability in Cisco SD-WAN vManage Software could

CVE-2022-20734 4.4 - Medium - May 04, 2022

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

Information Disclosure

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands

CVE-2022-20780 7.4 - High - May 04, 2022

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. For more information about these vulnerabilities, see the Details section of this advisory.

XXE

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands

CVE-2022-20779 8.8 - High - May 04, 2022

Improper Input Validation

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands

CVE-2022-20777 9.9 - Critical - May 04, 2022

AuthZ

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20715 7.5 - High - May 03, 2022

A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.

Improper Input Validation

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could

CVE-2022-20737 7.1 - High - May 03, 2022

A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device or to obtain portions of process memory from an affected device. This vulnerability is due to insufficient bounds checking when parsing specific HTTP authentication messages. An attacker could exploit this vulnerability by sending malicious traffic to an affected device acting as a VPN Gateway. To send this malicious traffic, an attacker would need to control a web server that can be accessed through the Clientless SSL VPN portal. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition, or to retrieve bytes from the device process memory that may contain sensitive information.

Memory Corruption

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20745 7.5 - High - May 03, 2022

Improper Input Validation

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20742 7.4 - High - May 03, 2022

A vulnerability in an IPsec VPN library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to read or modify data within an IPsec IKEv2 VPN tunnel. This vulnerability is due to an improper implementation of Galois/Counter Mode (GCM) ciphers. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a sufficient number of encrypted messages across an affected IPsec IKEv2 VPN tunnel and then using cryptanalytic techniques to break the encryption. A successful exploit could allow the attacker to decrypt, read, modify, and re-encrypt data that is transmitted across an affected IPsec IKEv2 VPN tunnel.

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20759 8.8 - High - May 03, 2022

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected device. A successful exploit could allow the attacker to gain privilege level 15 access to the web management interface of the device. This includes privilege level 15 access to the device using management tools like the Cisco Adaptive Security Device Manager (ASDM) or the Cisco Security Manager (CSM). Note: With Cisco FTD Software, the impact is lower than the CVSS score suggests because the affected web management interface allows for read access only.

Improper Privilege Management

A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20744 6.5 - Medium - May 03, 2022

A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to view data without proper authorization. This vulnerability exists because of a protection mechanism that relies on the existence or values of a specific input. An attacker could exploit this vulnerability by modifying this input to bypass the protection mechanism and sending a crafted request to an affected device. A successful exploit could allow the attacker to view data beyond the scope of their authorization.

Improper Input Validation

A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20743 8.8 - High - May 03, 2022

A vulnerability in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to bypass security protections and upload malicious files to the affected system. This vulnerability is due to improper validation of files uploaded to the web management interface of Cisco FMC Software. An attacker could exploit this vulnerability by uploading a maliciously crafted file to a device running affected software. A successful exploit could allow the attacker to store malicious files on the device, which they could access later to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.

Unrestricted File Upload

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20740 6.1 - Medium - May 03, 2022

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by convincing a user to click a link designed to pass malicious input to the interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks and gain access to sensitive browser-based information.

XSS

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20748 5.3 - Medium - May 03, 2022

A vulnerability in the local malware analysis process of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to insufficient error handling in the local malware analysis process of an affected device. An attacker could exploit this vulnerability by sending a crafted file through the device. A successful exploit could allow the attacker to cause the local malware analysis process to crash, which could result in a DoS condition. Notes: Manual intervention may be required to recover from this situation. Malware cloud lookup and dynamic analysis will not be impacted.

Resource Exhaustion

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20757 7.5 - High - May 03, 2022

A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper traffic handling when platform limits are reached. An attacker could exploit this vulnerability by sending a high rate of UDP traffic through an affected device. A successful exploit could allow the attacker to cause all new, incoming connections to be dropped, resulting in a DoS condition.

Allocation of Resources Without Limits or Throttling

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20730 7.5 - High - May 03, 2022

A vulnerability in the Security Intelligence feed feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the Security Intelligence DNS feed. This vulnerability is due to incorrect feed update processing. An attacker could exploit this vulnerability by sending traffic through an affected device that should be blocked by the affected device. A successful exploit could allow the attacker to bypass device controls and successfully send traffic to devices that are expected to be protected by the affected device.

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20751 7.5 - High - May 03, 2022

A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.

Allocation of Resources Without Limits or Throttling

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20746 7.5 - High - May 03, 2022

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

NULL Pointer Dereference

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20729 7.8 - High - May 03, 2022

A vulnerability in CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to inject XML into the command parser. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted input in commands. A successful exploit could allow the attacker to inject XML into the command parser, which could result in unexpected processing of the command and unexpected command output.

aka Blind XPath Injection

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20767 7.5 - High - May 03, 2022

A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.

Allocation of Resources Without Limits or Throttling

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20629 5.4 - Medium - May 03, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20628 5.4 - Medium - May 03, 2022

XSS

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could

CVE-2022-20627 5.4 - Medium - May 03, 2022

XSS

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could

CVE-2022-20760 7.5 - High - May 03, 2022

A vulnerability in the DNS inspection handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to a lack of proper processing of incoming requests. An attacker could exploit this vulnerability by sending crafted DNS requests at a high rate to an affected device. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a DoS condition.

Resource Exhaustion

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection could

CVE-2022-20788 6.1 - Medium - April 21, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.

XSS

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could

CVE-2022-20786 8.1 - High - April 21, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain data or modify data that is stored in the underlying database of the affected system.

SQL Injection

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could

CVE-2022-20787 6.8 - Medium - April 21, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.

Session Riding

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could

CVE-2022-20804 6.5 - Medium - April 21, 2022

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect processing of certain Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by continuously sending certain Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition.

Improper Check for Unusual or Exceptional Conditions

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could

CVE-2022-20790 6.5 - Medium - April 21, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the underlying operating system.

Directory traversal

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could

CVE-2022-20805 4.1 - Medium - April 21, 2022

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Sever Name Indication (SNI) extension of an HTTP request to discover the destination domain and determine if the request needs to be decrypted. An attacker could exploit this vulnerability by sending a crafted request over TLS from a client to an unknown or controlled URL. A successful exploit could allow an attacker to bypass the decryption process of Cisco Umbrella SWG and allow malicious content to be downloaded to a host on a protected network. There are workarounds that address this vulnerability.

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could

CVE-2022-20773 8.1 - High - April 21, 2022

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.

Use of Hard-coded Credentials

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could

CVE-2022-20732 7.8 - High - April 21, 2022

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain configuration files. An attacker with low-privileged credentials could exploit this vulnerability by accessing an affected device and reading the affected configuration files. A successful exploit could allow the attacker to obtain internal database credentials, which the attacker could use to view and modify the contents of the database. The attacker could use this access to the database to elevate privileges on the affected device.

Incorrect Default Permissions

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could

CVE-2022-20795 7.5 - High - April 21, 2022

A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.

Insufficient Verification of Data Authenticity

A vulnerability in the authentication component of Cisco Webex Meetings could

CVE-2022-20778 6.1 - Medium - April 21, 2022

A vulnerability in the authentication component of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the authentication component of Cisco Webex Meetings. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

XSS

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could

CVE-2022-20783 7.5 - High - April 21, 2022

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted H.323 traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to either reboot normally or reboot into maintenance mode, which could result in a DoS condition on the device.

Improper Input Validation

A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could

CVE-2022-20789 6.5 - Medium - April 21, 2022

A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to write arbitrary files on the affected system. This vulnerability is due to improper restrictions applied to a system script. An attacker could exploit this vulnerability by using crafted variables during the execution of a system upgrade. A successful exploit could allow the attacker to overwrite or append arbitrary data to system files using root-level privileges.

Externally Controlled Reference to a Resource in Another Sphere

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20727 6.7 - Medium - April 15, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Directory traversal

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could

CVE-2022-20682 8.6 - High - April 15, 2022

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to inadequate input validation of incoming CAPWAP packets encapsulating multicast DNS (mDNS) queries. An attacker could exploit this vulnerability by connecting to a wireless network and sending a crafted mDNS query, which would flow through and be processed by the wireless controller. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition.

NULL Pointer Dereference

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could

CVE-2022-20622 7.5 - High - April 15, 2022

A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a performance degradation in traffic processing or high CPU usage prior to the unexpected reload. This vulnerability is due to improper rate limiting of IP packets to the management interface. An attacker could exploit this vulnerability by sending a steady stream of IP traffic at a high rate to the management interface of the affected device. A successful exploit could allow the attacker to cause the device to reload.

Allocation of Resources Without Limits or Throttling

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could

CVE-2022-20695 10 - Critical - April 15, 2022

A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory.

authentification

A vulnerability in the web UI feature of Cisco IOS XE Software could

CVE-2022-20693 7.2 - High - April 15, 2022

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Injection

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could

CVE-2022-20735 6.5 - Medium - April 15, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. These actions could include modifying the system configuration and deleting accounts.

Session Riding

A vulnerability in the History API of Cisco SD-WAN vManage Software could

CVE-2022-20747 6.5 - Medium - April 15, 2022

A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected system. This vulnerability is due to insufficient API authorization checking on the underlying operating system. An attacker could exploit this vulnerability by sending a crafted API request to Cisco vManage as a lower-privileged user and gaining access to sensitive information that they would not normally be authorized to access.

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could

CVE-2022-20717 5.5 - Medium - April 15, 2022

A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient memory management when an affected device receives large amounts of traffic. An attacker could exploit this vulnerability by sending malicious traffic to an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.

Allocation of Resources Without Limits or Throttling

A vulnerability in the CLI of Cisco SD-WAN vManage Software could

CVE-2022-20739 7.3 - High - April 15, 2022

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected system as a low-privileged user to exploit this vulnerability. This vulnerability exists because a file leveraged by a root user is executed when a low-privileged user runs specific commands on an affected system. An attacker could exploit this vulnerability by injecting arbitrary commands to a specific file as a lower-privileged user and then waiting until an admin user executes specific commands. The commands would then be executed on the device by the root user. A successful exploit could allow the attacker to escalate their privileges on the affected system from a low-privileged user to the root user.

Improper Privilege Management

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges

CVE-2022-20716 7.8 - High - April 15, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user.

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could

CVE-2022-20679 7.7 - High - April 15, 2022

A vulnerability in the IPSec decryption routine of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to buffer exhaustion that occurs while traffic on a configured IPsec tunnel is being processed. An attacker could exploit this vulnerability by sending traffic to an affected device that has a maximum transmission unit (MTU) of 1800 bytes or greater. A successful exploit could allow the attacker to cause the device to reload. To exploit this vulnerability, the attacker may need access to the trusted network where the affected device is in order to send specific packets to be processed by the device. All network devices between the attacker and the affected device must support an MTU of 1800 bytes or greater. This access requirement could limit the possibility of a successful exploit.

Improper Input Validation

A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could

CVE-2022-20692 6.5 - Medium - April 15, 2022

A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition (DoS) on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this vulnerability by initiating a large number of NETCONF over SSH connections. A successful exploit could allow the attacker to exhaust resources, causing the device to reload and resulting in a DoS condition on an affected device.

Resource Exhaustion

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could

CVE-2022-20714 8.6 - High - April 15, 2022

A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card.

Out-of-bounds Read

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20677 6.7 - Medium - April 15, 2022

Inadequate Encryption Strength

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20718 7.2 - High - April 15, 2022

Injection

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20719 7.2 - High - April 15, 2022

Injection

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20720 7.2 - High - April 15, 2022

Directory traversal

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20722 4.9 - Medium - April 15, 2022

Directory traversal

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20721 4.9 - Medium - April 15, 2022

Directory traversal

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could

CVE-2022-20678 7.5 - High - April 15, 2022

A vulnerability in the AppNav-XE feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of certain TCP segments. An attacker could exploit this vulnerability by sending a stream of crafted TCP traffic at a high rate through an interface of an affected device. That interface would need to have AppNav interception enabled. A successful exploit could allow the attacker to cause the device to reload.

Improper Handling of Exceptional Conditions

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could

CVE-2022-20758 6.8 - Medium - April 15, 2022

A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the incorrect processing of a BGP update message that contains specific EVPN attributes. An attacker could exploit this vulnerability by sending a BGP update message that contains specific EVPN attributes. To exploit this vulnerability, an attacker must control a BGP speaker that has an established trusted peer connection to an affected device that is configured with the address family L2VPN EVPN to receive and process the update message. This vulnerability cannot be exploited by any data that is initiated by clients on the Layer 2 network or by peers that are not configured to accept the L2VPN EVPN address family. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP updates only from explicitly defined peers. For this vulnerability to be exploited, the malicious BGP update message must either come from a configured, valid BGP peer or be injected by the attacker into the affected BGP network on an existing, valid TCP connection to a BGP peer.

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could

CVE-2022-20683 8.6 - High - April 15, 2022

A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient packet verification for traffic inspected by the AVC feature. An attacker could exploit this vulnerability by sending crafted packets from the wired network to a wireless client, resulting in the crafted packets being processed by the wireless controller. A successful exploit could allow the attacker to cause a crash and reload of the affected device, resulting in a DoS condition.

Buffer Overflow

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could

CVE-2022-20684 6.5 - Medium - April 15, 2022

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Improper Input Validation

Multiple vulnerabilities

CVE-2022-20731 6.8 - Medium - April 15, 2022

Multiple vulnerabilities that affect Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches could allow an attacker to execute persistent code at boot time or to permanently prevent the device from booting, resulting in a permanent denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Improper Initialization

Multiple vulnerabilities

CVE-2022-20661 4.6 - Medium - April 15, 2022

Improper Initialization

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could

CVE-2022-20761 6.5 - Medium - April 15, 2022

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.

Improper Input Validation

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20724 7.5 - High - April 15, 2022

Race Condition

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20725 4.8 - Medium - April 15, 2022

Directory traversal

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could

CVE-2022-20697 8.6 - High - April 15, 2022

A vulnerability in the web services interface of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper resource management in the HTTP server code. An attacker could exploit this vulnerability by sending a large number of HTTP requests to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Missing Release of Resource after Effective Lifetime

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could

CVE-2022-20723 7.2 - High - April 15, 2022

Cisco

Products by Cisco Sorted by Most Security Vulnerabilities since 2018

Cisco IOS XE168 vulnerabilitiesNewer version of Cisco IOS Operating System built on linux.

Cisco Firepower Threat Defense131 vulnerabilities

Cisco Internetwork Operating System (IOS)108 vulnerabilitiesCisco Internetwork Operating System (IOS) is a family of network operating systems used on many Cisco Systems routers and current Cisco network switches.

Cisco Firepower Management Center87 vulnerabilities

Cisco Webex Meetings Server64 vulnerabilities

Cisco Application Extension Platform60 vulnerabilities

Cisco Data Center Network Manager60 vulnerabilities

Cisco Identity Services Engine57 vulnerabilities

Cisco Unified Communications Manager55 vulnerabilities

Cisco Webex Meetings Online52 vulnerabilities

Cisco Sd Wan Vmanage52 vulnerabilities

Cisco Adaptive Security Appliance Software45 vulnerabilities

Cisco Webex Meetings38 vulnerabilities

Cisco Adaptive Security Appliance37 vulnerabilities

Cisco Wireless Lan Controller Software31 vulnerabilities

Cisco Prime Infrastructure28 vulnerabilities

Cisco Unified Computing System26 vulnerabilities

Cisco Ucs Director25 vulnerabilities

Cisco Unified Communications Manager Im Presence Service23 vulnerabilities

Cisco Anyconnect Secure Mobility Client23 vulnerabilities

Cisco Ios Xr22 vulnerabilities

Cisco Jabber21 vulnerabilities

Cisco Sd Wan Vbond Orchestrator21 vulnerabilities

Cisco Telepresence Video Communication Server21 vulnerabilities

Cisco Sd Wan20 vulnerabilities

Cisco Vsmart Controller19 vulnerabilities

Cisco Security Manager19 vulnerabilities

Cisco Web Security Appliance19 vulnerabilities

Cisco Application Policy Infrastructure Controller18 vulnerabilities

Cisco Unity Connection18 vulnerabilities

Cisco Webex Business Suite 3218 vulnerabilities

Cisco Email Security Appliance17 vulnerabilities

Cisco Webex Business Suite 3316 vulnerabilities

Cisco Common Services Platform Collector16 vulnerabilities

Cisco Evolved Programmable Network Manager16 vulnerabilities

Cisco Ucs Director Express Big Data16 vulnerabilities

Cisco Vbond Orchestrator15 vulnerabilities

Cisco Meeting Server15 vulnerabilities

Cisco Unified Contact Center Express15 vulnerabilities

Cisco Iot Field Network Director15 vulnerabilities

Cisco Webex Business Suite14 vulnerabilities

Cisco Telepresence Collaboration Endpoint14 vulnerabilities

Cisco Prime Collaboration Provisioning14 vulnerabilities

Cisco Enterprise Network Function Virtualization Infrastructure14 vulnerabilities

Cisco Dna Center13 vulnerabilities

Cisco Vmanage Network Management13 vulnerabilities

Cisco Prime Collaboration12 vulnerabilities

Cisco Digital Network Architecture Center11 vulnerabilities

Cisco Vedge Plus10 vulnerabilities

Cisco Asyncos10 vulnerabilities

Cisco Umbrella10 vulnerabilities

Cisco Webex Network Recording Player10 vulnerabilities

Cisco Vedge Pro10 vulnerabilities

Cisco Hyperflex Hx Data Platform10 vulnerabilities

Cisco Integrated Management Controller10 vulnerabilities

Cisco Enterprise Nfv Infrastructure Software10 vulnerabilities

Cisco Finesse10 vulnerabilities

Cisco Content Security Management Appliance9 vulnerabilities

Cisco Roomos9 vulnerabilities

Cisco Integrated Management Controller Supervisor9 vulnerabilities

Cisco Dna Spaces9 vulnerabilities

Cisco Prime Service Catalog8 vulnerabilities

Cisco Industrial Network Director8 vulnerabilities

Cisco Webex Teams8 vulnerabilities

Cisco Sourcefire Defense Center8 vulnerabilities

Cisco Ir510 Operating System8 vulnerabilities

Cisco Firepower Management Center Virtual Appliance8 vulnerabilities

Cisco Mobility Services Engine7 vulnerabilities

Cisco Identity Services Engine Software7 vulnerabilities

Cisco Smart Software Manager On Prem7 vulnerabilities

Cisco Wireless Lan Controller7 vulnerabilities

Cisco Email Security Appliance Firmware7 vulnerabilities

Cisco Network Level Service7 vulnerabilities

Cisco Prime Collaboration Assurance6 vulnerabilities

Cisco IOS XE168 vulnerabilities
Newer version of Cisco IOS Operating System built on linux.

Cisco Internetwork Operating System (IOS)108 vulnerabilities
Cisco Internetwork Operating System (IOS) is a family of network operating systems used on many Cisco Systems routers and current Cisco network switches.