ConfD CLI Command Injection via Invalid Argument Validation
CVE-2022-20655 Published on November 15, 2024

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

NVD

Vulnerability Analysis

CVE-2022-20655 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Shell injection Vulnerability?

The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE-2022-20655 has been classified to as a Shell injection vulnerability or weakness.

Affected Versions

Cisco IOS XR Software:

Version N/A is affected.

Cisco Virtual Topology System (VTS):

Version N/A is affected.

Cisco Network Services Orchestrator:

Version N/A is affected.

Cisco Enterprise NFV Infrastructure Software:

Version N/A is affected.

Cisco Catalyst SD-WAN:

Version N/A is affected.

Cisco Catalyst SD-WAN Manager:

Version N/A is affected.

Cisco IOS XE Catalyst SD-WAN:

Version N/A is affected.

Cisco SD-WAN vEdge Router:

Version N/A is affected.

Cisco Ultra Gateway Platform:

Version N/A is affected.

Cisco Carrier Packet Transport:

Version 3.5 is affected.
Version 3.1 is affected.
Version 3.2 is affected.
Version 2.5 is affected.
Version 2.0 is affected.
Version 9.2.2 is affected.
Version 1.4.0 is affected.
Version 1.0 is affected.
Version 1.1 is affected.
Version 1.2 is affected.
Version 2.1.0 is affected.
Version 2.3.0 is affected.
Version 2.3.3 is affected.
Version 2.3.5 is affected.
Version 2.3.4 is affected.
Version 2.0.1 is affected.
Version 2.0.0 is affected.
Version 2.0.3 is affected.
Version 2.0.4 is affected.
Version 2.0.5 is affected.
Version 2.4.0 is affected.
Version 2.2.2 is affected.
Version 2.2.3 is affected.
Version 10.8.0 is affected.
Version 7.0.3 is affected.
Version 7.0.1 is affected.
Version 1.0.2 is affected.
Version 1.1.1 is affected.
Version 1.1.2 is affected.
Version 4.1 is affected.
Version 4.0 is affected.
Version 12.1.0 is affected.
Version 9.8.1 is affected.
Version 9.8.0 is affected.
Version 4.1.82 is affected.
Version 4.1.4 is affected.
Version 4.6.1 is affected.
Version 4.0.4 is affected.
Version 4.0.3 is affected.
Version 6.2.4 is affected.
Version 3.0.5 is affected.
Version 3.0.6 is affected.
Version 3.0.7 is affected.
Version 3.0.3 is affected.
Version 3.0.0 is affected.
Version 9.5.0 is affected.
Version 9.5.3 is affected.
Version 9.5.1 is affected.
Version 9.5.2 is affected.
Version 9.7.0 is affected.
Version 9.521 is affected.
Version 4.5.0 is affected.
Version 4.7.0 is affected.
Version 3.2.0 is affected.
Version 3.2.1 is affected.
Version 3.1.0 is affected.

cisco ios_xr_software:

Before 7.0.2 is affected.
Version 7.1.0 and below 7.1.1 is affected.

cisco virtual_topology_system:

Before 2.6.5 is affected.

cisco network_services_orchestrator:

Before 4.3.9.1 is affected.
Version 4.4.0.0 and below 4.4.5.6 is affected.
Version 4.5.0 and below 4.5.7 is affected.
Version 4.6.0 and below 4.6.1.7 is affected.
Version 4.7.0 and below 4.7.1 is affected.
Version 5.1.0 and below 5.1.0.1 is affected.

cisco enterprise_nfv_infrastructure_software:

Before 3.12.1 is affected.

cisco catalyst_sd-wan_manager:

Before 18.4.4 is affected.
Version 19.2.0 and below 19.2.1 is affected.

cisco ios_xe_catalyst_sd-wan:

Before 16.10.2 is affected.
Version 16.12.0 and below 16.12.1b is affected.
Version 17.2.0 and below 17.2.1r is affected.

cisco sd-wan_vedge_router:

Before 18.4.4 is affected.
Version 19.2.0 and below 19.2.1 is affected.

cisco carrier_packet_transport:

Before * is affected.

Exploit Probability

EPSS

0.40%

Percentile

60.73%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

ConfD CLI Command Injection via Invalid Argument ValidationCVE-2022-20655 Published on November 15, 2024

Vulnerability Analysis

Weakness Type

What is a Shell injection Vulnerability?

Affected Versions

Exploit Probability

ConfD CLI Command Injection via Invalid Argument Validation
CVE-2022-20655 Published on November 15, 2024