CVE-2022-20716

{"id": "CVE-2022-20716", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-04-15T15:15:13.063", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user."}, {"lang": "es", "value": "Una vulnerabilidad en la CLI del software Cisco SD-WAN podr\u00eda permitir a un atacante local autenticado alcanzar altos privilegios. Esta vulnerabilidad es debido a un control de acceso inapropiado en los archivos del sistema afectado. Un atacante local podr\u00eda explotar esta vulnerabilidad al modificar determinados archivos en el dispositivo vulnerable. Si es exitoso, el atacante podr\u00eda alcanzar privilegios escalados y realizar acciones en el sistema con privilegios de usuario root"}], "lastModified": "2023-11-07T03:42:42.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5"}, {"criteria": "cpe:2.3:a:cisco:sd-wan_solution:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "264691E8-B9EE-445B-AA73-339E2AD9D75A"}, {"criteria": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5"}, {"criteria": "cpe:2.3:a:cisco:sd-wan_vedge_cloud:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F79EFC51-42F0-4E00-9993-2CBD852BB7EE"}, {"criteria": "cpe:2.3:a:cisco:sd-wan_vedge_router:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E751F057-CC4E-49AF-BFFE-1C08A0AFEDBC"}, {"criteria": "cpe:2.3:a:cisco:sd-wan_vsmart_controller_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1E3D19-7A59-41DA-A216-814E6AB697B5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "633B8D51-C333-4C34-BE6B-4A95BA0A0E20", "versionEndExcluding": "20.6.1", "versionStartIncluding": "18.4"}, {"criteria": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71DFA673-7836-4EC9-9B73-428598BC012D", "versionEndExcluding": "20.7.1", "versionStartIncluding": "20.7"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}