CVE-2022-20851 - Vulnerability Details

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To exploit this vulnerability, an attacker must have valid Administrator privileges on the affected device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00197.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco IOS XE Software

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1131_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4000_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4321_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4351_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4431_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4451-x_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4451_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:4461_integrated_services_router:-:::::::*
	cpe:2.3:h:cisco:8101-32fh:-:::::::*
	cpe:2.3:h:cisco:8101-32h:-:::::::*
	cpe:2.3:h:cisco:8102-64h:-:::::::*
	cpe:2.3:h:cisco:8201:-:::::::*
	cpe:2.3:h:cisco:8201-32fh:-:::::::*
	cpe:2.3:h:cisco:8202:-:::::::*
	cpe:2.3:h:cisco:8800_12-slot:-:::::::*
	cpe:2.3:h:cisco:8800_18-slot:-:::::::*
	cpe:2.3:h:cisco:8800_4-slot:-:::::::*
	cpe:2.3:h:cisco:8800_8-slot:-:::::::*
	cpe:2.3:h:cisco:8804:-:::::::*
	cpe:2.3:h:cisco:8808:-:::::::*
	cpe:2.3:h:cisco:8812:-:::::::*
	cpe:2.3:h:cisco:8818:-:::::::*
	cpe:2.3:h:cisco:8831:-:::::::*
	cpe:2.3:h:cisco:asr_1000-esp100:-:::::::*
	cpe:2.3:h:cisco:asr_1000-x:-:::::::*
	cpe:2.3:h:cisco:asr_1001:-:::::::*
	cpe:2.3:h:cisco:asr_1001-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1001-hx_r:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x:-:::::::*
	cpe:2.3:h:cisco:asr_1001-x_r:-:::::::*
	cpe:2.3:h:cisco:asr_1002:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx:-:::::::*
	cpe:2.3:h:cisco:asr_1002-hx_r:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x:-:::::::*
	cpe:2.3:h:cisco:asr_1002-x_r:-:::::::*
	cpe:2.3:h:cisco:asr_1002_fixed_router:-:::::::*
	cpe:2.3:h:cisco:asr_1004:-:::::::*
	cpe:2.3:h:cisco:asr_1006:-:::::::*
	cpe:2.3:h:cisco:asr_1006-x:-:::::::*
	cpe:2.3:h:cisco:asr_1009-x:-:::::::*
	cpe:2.3:h:cisco:asr_1013:-:::::::*
	cpe:2.3:h:cisco:asr_1023:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:::::::*
	cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pd:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pdm:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24td-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24td-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24td-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fq:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fqm:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48td-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48td-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48td-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-12s-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-12s-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24p-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24p-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24p-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24s-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24s-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24t-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24t-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24t-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24u-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24u-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24u-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48f-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48f-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48f-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48p-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48p-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48p-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48t-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48t-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48t-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48u-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48u-l:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48u-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::*
cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::*
cpe:2.3:h:cisco:catalyst_8200:-:::::::*
cpe:2.3:h:cisco:catalyst_8300:-:::::::*
cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:::::::*
cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:::::::*
cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:::::::*
cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:::::::*
cpe:2.3:h:cisco:catalyst_8500:-:::::::*
cpe:2.3:h:cisco:catalyst_8500-4qc:-:::::::*
cpe:2.3:h:cisco:catalyst_8500l:-:::::::*
cpe:2.3:h:cisco:catalyst_8510csr:-:::::::*
cpe:2.3:h:cisco:catalyst_8510msr:-:::::::*
cpe:2.3:h:cisco:catalyst_8540csr:-:::::::*
cpe:2.3:h:cisco:catalyst_8540msr:-:::::::*
cpe:2.3:h:cisco:catalyst_9200:-:::::::*
cpe:2.3:h:cisco:catalyst_9200cx:-:::::::*
cpe:2.3:h:cisco:catalyst_9200l:-:::::::*
cpe:2.3:h:cisco:catalyst_9300:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24p-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24p-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24s-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24s-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24t-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24t-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24u-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24u-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48p-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48p-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48s-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48s-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48t-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48t-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48u-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48u-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48un-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48un-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:::::::*
cpe:2.3:h:cisco:catalyst_9300l_stack:-:::::::*
cpe:2.3:h:cisco:catalyst_9300lm:-:::::::*
cpe:2.3:h:cisco:catalyst_9300x:-:::::::*
cpe:2.3:h:cisco:catalyst_9400:-:::::::*
cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:::::::*
cpe:2.3:h:cisco:catalyst_9407r:-:::::::*
cpe:2.3:h:cisco:catalyst_9410r:-:::::::*
cpe:2.3:h:cisco:catalyst_9500:-:::::::*
cpe:2.3:h:cisco:catalyst_9500h:-:::::::*
cpe:2.3:h:cisco:catalyst_9600:-:::::::*
cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:::::::*
cpe:2.3:h:cisco:catalyst_9600x:-:::::::*
cpe:2.3:h:cisco:catalyst_9800:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Cisco Subscribe	1000 Integrated Services Router Subscribe 1100-4g Integrated Services Router Subscribe 1100-4p Integrated Services Router Subscribe 1100-6g Integrated Services Router Subscribe 1100-8p Integrated Services Router Subscribe 1100 Integrated Services Router Subscribe 1101-4p Integrated Services Router Subscribe 1101 Integrated Services Router Subscribe 1109-2p Integrated Services Router Subscribe 1109-4p Integrated Services Router Subscribe 1109 Integrated Services Router Subscribe 1111x-8p Integrated Services Router Subscribe 1111x Integrated Services Router Subscribe 111x Integrated Services Router Subscribe 1120 Integrated Services Router Subscribe 1131 Integrated Services Router Subscribe 1160 Integrated Services Router Subscribe 4000 Integrated Services Router Subscribe 4221 Integrated Services Router Subscribe 4321 Integrated Services Router Subscribe 4331 Integrated Services Router Subscribe 4351 Integrated Services Router Subscribe 4431 Integrated Services Router Subscribe 4451-x Integrated Services Router Subscribe 4451 Integrated Services Router Subscribe 4461 Integrated Services Router Subscribe 8101-32fh Subscribe 8101-32h Subscribe 8102-64h Subscribe 8201 Subscribe 8201-32fh Subscribe 8202 Subscribe 8800 12-slot Subscribe 8800 18-slot Subscribe 8800 4-slot Subscribe 8800 8-slot Subscribe 8804 Subscribe 8808 Subscribe 8812 Subscribe 8818 Subscribe 8831 Subscribe Asr 1000-esp100 Subscribe Asr 1000-x Subscribe Asr 1001 Subscribe Asr 1001-hx Subscribe Asr 1001-hx R Subscribe Asr 1001-x Subscribe Asr 1001-x R Subscribe Asr 1002 Subscribe Asr 1002-hx Subscribe Asr 1002-hx R Subscribe Asr 1002-x Subscribe Asr 1002-x R Subscribe Asr 1002 Fixed Router Subscribe Asr 1004 Subscribe Asr 1006 Subscribe Asr 1006-x Subscribe Asr 1009-x Subscribe Asr 1013 Subscribe Asr 1023 Subscribe Catalyst 3650 Subscribe Catalyst 3650-12x48fd-e Subscribe Catalyst 3650-12x48fd-l Subscribe Catalyst 3650-12x48fd-s Subscribe Catalyst 3650-12x48uq Subscribe Catalyst 3650-12x48uq-e Subscribe Catalyst 3650-12x48uq-l Subscribe Catalyst 3650-12x48uq-s Subscribe Catalyst 3650-12x48ur Subscribe Catalyst 3650-12x48ur-e Subscribe Catalyst 3650-12x48ur-l Subscribe Catalyst 3650-12x48ur-s Subscribe Catalyst 3650-12x48uz Subscribe Catalyst 3650-12x48uz-e Subscribe Catalyst 3650-12x48uz-l Subscribe Catalyst 3650-12x48uz-s Subscribe Catalyst 3650-24pd Subscribe Catalyst 3650-24pd-e Subscribe Catalyst 3650-24pd-l Subscribe Catalyst 3650-24pd-s Subscribe Catalyst 3650-24pdm Subscribe Catalyst 3650-24pdm-e Subscribe Catalyst 3650-24pdm-l Subscribe Catalyst 3650-24pdm-s Subscribe Catalyst 3650-24ps-e Subscribe Catalyst 3650-24ps-l Subscribe Catalyst 3650-24ps-s Subscribe Catalyst 3650-24td-e Subscribe Catalyst 3650-24td-l Subscribe Catalyst 3650-24td-s Subscribe Catalyst 3650-24ts-e Subscribe Catalyst 3650-24ts-l Subscribe Catalyst 3650-24ts-s Subscribe Catalyst 3650-48fd-e Subscribe Catalyst 3650-48fd-l Subscribe Catalyst 3650-48fd-s Subscribe Catalyst 3650-48fq Subscribe Catalyst 3650-48fq-e Subscribe Catalyst 3650-48fq-l Subscribe Catalyst 3650-48fq-s Subscribe Catalyst 3650-48fqm Subscribe Catalyst 3650-48fqm-e Subscribe Catalyst 3650-48fqm-l Subscribe Catalyst 3650-48fqm-s Subscribe Catalyst 3650-48fs-e Subscribe Catalyst 3650-48fs-l Subscribe Catalyst 3650-48fs-s Subscribe Catalyst 3650-48pd-e Subscribe Catalyst 3650-48pd-l Subscribe Catalyst 3650-48pd-s Subscribe Catalyst 3650-48pq-e Subscribe Catalyst 3650-48pq-l Subscribe Catalyst 3650-48pq-s Subscribe Catalyst 3650-48ps-e Subscribe Catalyst 3650-48ps-l Subscribe Catalyst 3650-48ps-s Subscribe Catalyst 3650-48td-e Subscribe Catalyst 3650-48td-l Subscribe Catalyst 3650-48td-s Subscribe Catalyst 3650-48tq-e Subscribe Catalyst 3650-48tq-l Subscribe Catalyst 3650-48tq-s Subscribe Catalyst 3650-48ts-e Subscribe Catalyst 3650-48ts-l Subscribe Catalyst 3650-48ts-s Subscribe Catalyst 3650-8x24pd-e Subscribe Catalyst 3650-8x24pd-l Subscribe Catalyst 3650-8x24pd-s Subscribe Catalyst 3650-8x24uq Subscribe Catalyst 3650-8x24uq-e Subscribe Catalyst 3650-8x24uq-l Subscribe Catalyst 3650-8x24uq-s Subscribe Catalyst 3850 Subscribe Catalyst 3850-12s-e Subscribe Catalyst 3850-12s-s Subscribe Catalyst 3850-12x48u Subscribe Catalyst 3850-12xs-e Subscribe Catalyst 3850-12xs-s Subscribe Catalyst 3850-16xs-e Subscribe Catalyst 3850-16xs-s Subscribe Catalyst 3850-24p-e Subscribe Catalyst 3850-24p-l Subscribe Catalyst 3850-24p-s Subscribe Catalyst 3850-24pw-s Subscribe Catalyst 3850-24s-e Subscribe Catalyst 3850-24s-s Subscribe Catalyst 3850-24t-e Subscribe Catalyst 3850-24t-l Subscribe Catalyst 3850-24t-s Subscribe Catalyst 3850-24u Subscribe Catalyst 3850-24u-e Subscribe Catalyst 3850-24u-l Subscribe Catalyst 3850-24u-s Subscribe Catalyst 3850-24xs Subscribe Catalyst 3850-24xs-e Subscribe Catalyst 3850-24xs-s Subscribe Catalyst 3850-24xu Subscribe Catalyst 3850-24xu-e Subscribe Catalyst 3850-24xu-l Subscribe Catalyst 3850-24xu-s Subscribe Catalyst 3850-32xs-e Subscribe Catalyst 3850-32xs-s Subscribe Catalyst 3850-48f-e Subscribe Catalyst 3850-48f-l Subscribe Catalyst 3850-48f-s Subscribe Catalyst 3850-48p-e Subscribe Catalyst 3850-48p-l Subscribe Catalyst 3850-48p-s Subscribe Catalyst 3850-48pw-s Subscribe Catalyst 3850-48t-e Subscribe Catalyst 3850-48t-l Subscribe Catalyst 3850-48t-s Subscribe Catalyst 3850-48u Subscribe Catalyst 3850-48u-e Subscribe Catalyst 3850-48u-l Subscribe Catalyst 3850-48u-s Subscribe Catalyst 3850-48xs Subscribe Catalyst 3850-48xs-e Subscribe Catalyst 3850-48xs-f-e Subscribe Catalyst 3850-48xs-f-s Subscribe Catalyst 3850-48xs-s Subscribe Catalyst 3850-nm-2-40g Subscribe Catalyst 3850-nm-8-10g Subscribe Catalyst 8200 Subscribe Catalyst 8300 Subscribe Catalyst 8300-1n1s-4t2x Subscribe Catalyst 8300-1n1s-6t Subscribe Catalyst 8300-2n2s-4t2x Subscribe Catalyst 8300-2n2s-6t Subscribe Catalyst 8500 Subscribe Catalyst 8500-4qc Subscribe Catalyst 8500l Subscribe Catalyst 8510csr Subscribe Catalyst 8510msr Subscribe Catalyst 8540csr Subscribe Catalyst 8540msr Subscribe Catalyst 9200 Subscribe Catalyst 9200cx Subscribe Catalyst 9200l Subscribe Catalyst 9300 Subscribe Catalyst 9300-24p-a Subscribe Catalyst 9300-24p-e Subscribe Catalyst 9300-24s-a Subscribe Catalyst 9300-24s-e Subscribe Catalyst 9300-24t-a Subscribe Catalyst 9300-24t-e Subscribe Catalyst 9300-24u-a Subscribe Catalyst 9300-24u-e Subscribe Catalyst 9300-24ux-a Subscribe Catalyst 9300-24ux-e Subscribe Catalyst 9300-48p-a Subscribe Catalyst 9300-48p-e Subscribe Catalyst 9300-48s-a Subscribe Catalyst 9300-48s-e Subscribe Catalyst 9300-48t-a Subscribe Catalyst 9300-48t-e Subscribe Catalyst 9300-48u-a Subscribe Catalyst 9300-48u-e Subscribe Catalyst 9300-48un-a Subscribe Catalyst 9300-48un-e Subscribe Catalyst 9300-48uxm-a Subscribe Catalyst 9300-48uxm-e Subscribe Catalyst 9300l Subscribe Catalyst 9300l-24p-4g-a Subscribe Catalyst 9300l-24p-4g-e Subscribe Catalyst 9300l-24p-4x-a Subscribe Catalyst 9300l-24p-4x-e Subscribe Catalyst 9300l-24t-4g-a Subscribe Catalyst 9300l-24t-4g-e Subscribe Catalyst 9300l-24t-4x-a Subscribe Catalyst 9300l-24t-4x-e Subscribe Catalyst 9300l-48p-4g-a Subscribe Catalyst 9300l-48p-4g-e Subscribe Catalyst 9300l-48p-4x-a Subscribe Catalyst 9300l-48p-4x-e Subscribe Catalyst 9300l-48t-4g-a Subscribe Catalyst 9300l-48t-4g-e Subscribe Catalyst 9300l-48t-4x-a Subscribe Catalyst 9300l-48t-4x-e Subscribe Catalyst 9300l Stack Subscribe Catalyst 9300lm Subscribe Catalyst 9300x Subscribe Catalyst 9400 Subscribe Catalyst 9400 Supervisor Engine-1 Subscribe Catalyst 9407r Subscribe Catalyst 9410r Subscribe Catalyst 9500 Subscribe Catalyst 9500h Subscribe Catalyst 9600 Subscribe Catalyst 9600 Supervisor Engine-1 Subscribe Catalyst 9600x Subscribe Catalyst 9800 Subscribe Catalyst 9800-40 Subscribe Catalyst 9800-80 Subscribe Catalyst 9800-cl Subscribe Catalyst 9800-l Subscribe Catalyst 9800-l-c Subscribe Catalyst 9800-l-f Subscribe Ios Xe Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2022-26101	A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To exploit this vulnerability, an attacker must have valid Administrator privileges on the affected device.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-Gje47EMn

History

Fri, 01 Nov 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2022-09-30T18:46:10.294145Z

Updated: 2024-11-01T18:50:35.156Z

Reserved: 2021-11-02T00:00:00

Link: CVE-2022-20851

Vulnrichment

Updated: 2024-08-03T02:24:50.292Z

NVD

Status : Modified

Published: 2022-09-30T19:15:12.727

Modified: 2024-11-21T06:43:41.110

Link: CVE-2022-20851

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object