Sd Wan Vbond Orchestrator
CVE-2022-20818
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
AnalysisAI
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-25. Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Affected products include: Cisco Sd-Wan Vbond Orchestrator, Cisco Sd-Wan Vmanage, Cisco Sd-Wan Vsmart Controller, Cisco Sd-Wan.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Sd Wan Vbond Orchestrator
View allA vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privil
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks aga
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks aga
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection att
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection att
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of s
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of s
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of s
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privi
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privil
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary com
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection att
Same weakness CWE-25 – Path Traversal: '/../filedir'
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today