A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.

Vendors Products
Catalyst 3650
Catalyst 3650-12x48fd-e
Catalyst 3650-12x48fd-l
Catalyst 3650-12x48fd-s
Catalyst 3650-12x48uq
Catalyst 3650-12x48uq-e
Catalyst 3650-12x48uq-l
Catalyst 3650-12x48uq-s
Catalyst 3650-12x48ur
Catalyst 3650-12x48ur-e
Catalyst 3650-12x48ur-l
Catalyst 3650-12x48ur-s
Catalyst 3650-12x48uz
Catalyst 3650-12x48uz-e
Catalyst 3650-12x48uz-l
Catalyst 3650-12x48uz-s
Catalyst 3650-24pd
Catalyst 3650-24pd-e
Catalyst 3650-24pd-l
Catalyst 3650-24pd-s
Catalyst 3650-24pdm
Catalyst 3650-24pdm-e
Catalyst 3650-24pdm-l
Catalyst 3650-24pdm-s
Catalyst 3650-24ps-e
Catalyst 3650-24ps-l
Catalyst 3650-24ps-s
Catalyst 3650-24td-e
Catalyst 3650-24td-l
Catalyst 3650-24td-s
Catalyst 3650-24ts-e
Catalyst 3650-24ts-l
Catalyst 3650-24ts-s
Catalyst 3650-48fd-e
Catalyst 3650-48fd-l
Catalyst 3650-48fd-s
Catalyst 3650-48fq
Catalyst 3650-48fq-e
Catalyst 3650-48fq-l
Catalyst 3650-48fq-s
Catalyst 3650-48fqm
Catalyst 3650-48fqm-e
Catalyst 3650-48fqm-l
Catalyst 3650-48fqm-s
Catalyst 3650-48fs-e
Catalyst 3650-48fs-l
Catalyst 3650-48fs-s
Catalyst 3650-48pd-e
Catalyst 3650-48pd-l
Catalyst 3650-48pd-s
Catalyst 3650-48pq-e
Catalyst 3650-48pq-l
Catalyst 3650-48pq-s
Catalyst 3650-48ps-e
Catalyst 3650-48ps-l
Catalyst 3650-48ps-s
Catalyst 3650-48td-e
Catalyst 3650-48td-l
Catalyst 3650-48td-s
Catalyst 3650-48tq-e
Catalyst 3650-48tq-l
Catalyst 3650-48tq-s
Catalyst 3650-48ts-e
Catalyst 3650-48ts-l
Catalyst 3650-48ts-s
Catalyst 3650-8x24pd-e
Catalyst 3650-8x24pd-l
Catalyst 3650-8x24pd-s
Catalyst 3650-8x24uq
Catalyst 3650-8x24uq-e
Catalyst 3650-8x24uq-l
Catalyst 3650-8x24uq-s
Catalyst 3850
Catalyst 3850-12s-e
Catalyst 3850-12s-s
Catalyst 3850-12x48u
Catalyst 3850-12xs-e
Catalyst 3850-12xs-s
Catalyst 3850-16xs-e
Catalyst 3850-16xs-s
Catalyst 3850-24p-e
Catalyst 3850-24p-l
Catalyst 3850-24p-s
Catalyst 3850-24pw-s
Catalyst 3850-24s-e
Catalyst 3850-24s-s
Catalyst 3850-24t-e
Catalyst 3850-24t-l
Catalyst 3850-24t-s
Catalyst 3850-24u
Catalyst 3850-24u-e
Catalyst 3850-24u-l
Catalyst 3850-24u-s
Catalyst 3850-24xs
Catalyst 3850-24xs-e
Catalyst 3850-24xs-s
Catalyst 3850-24xu
Catalyst 3850-24xu-e
Catalyst 3850-24xu-l
Catalyst 3850-24xu-s
Catalyst 3850-32xs-e
Catalyst 3850-32xs-s
Catalyst 3850-48f-e
Catalyst 3850-48f-l
Catalyst 3850-48f-s
Catalyst 3850-48p-e
Catalyst 3850-48p-l
Catalyst 3850-48p-s
Catalyst 3850-48pw-s
Catalyst 3850-48t-e
Catalyst 3850-48t-l
Catalyst 3850-48t-s
Catalyst 3850-48u
Catalyst 3850-48u-e
Catalyst 3850-48u-l
Catalyst 3850-48u-s
Catalyst 3850-48xs
Catalyst 3850-48xs-e
Catalyst 3850-48xs-f-e
Catalyst 3850-48xs-f-s
Catalyst 3850-48xs-s
Catalyst 3850-nm-2-40g
Catalyst 3850-nm-8-10g
Catalyst 9200
Catalyst 9200cx
Catalyst 9200l
Catalyst 9300
Catalyst 9300-24p-a
Catalyst 9300-24p-e
Catalyst 9300-24s-a
Catalyst 9300-24s-e
Catalyst 9300-24t-a
Catalyst 9300-24t-e
Catalyst 9300-24u-a
Catalyst 9300-24u-e
Catalyst 9300-24ux-a
Catalyst 9300-24ux-e
Catalyst 9300-48p-a
Catalyst 9300-48p-e
Catalyst 9300-48s-a
Catalyst 9300-48s-e
Catalyst 9300-48t-a
Catalyst 9300-48t-e
Catalyst 9300-48u-a
Catalyst 9300-48u-e
Catalyst 9300-48un-a
Catalyst 9300-48un-e
Catalyst 9300-48uxm-a
Catalyst 9300-48uxm-e
Catalyst 9300l
Catalyst 9300l-24p-4g-a
Catalyst 9300l-24p-4g-e
Catalyst 9300l-24p-4x-a
Catalyst 9300l-24p-4x-e
Catalyst 9300l-24t-4g-a
Catalyst 9300l-24t-4g-e
Catalyst 9300l-24t-4x-a
Catalyst 9300l-24t-4x-e
Catalyst 9300l-48p-4g-a
Catalyst 9300l-48p-4g-e
Catalyst 9300l-48p-4x-a
Catalyst 9300l-48p-4x-e
Catalyst 9300l-48t-4g-a
Catalyst 9300l-48t-4g-e
Catalyst 9300l-48t-4x-a
Catalyst 9300l-48t-4x-e
Catalyst 9300l Stack
Catalyst 9300lm
Catalyst 9300x
Catalyst 9400
Catalyst 9407r
Catalyst 9410r
Catalyst 9500
Catalyst 9500h
Catalyst 9600
Catalyst 9600x
Catalyst C2928-24lt-c
Catalyst C2928-48tc-c
Catalyst C3850-12x48u-e
Catalyst C3850-12x48u-l
Catalyst C3850-12x48u-s
Catalyst C9200-24p
Catalyst C9200-24t
Catalyst C9200-48p
Catalyst C9200-48t
Catalyst C9200l-24p-4g
Catalyst C9200l-24p-4x
Catalyst C9200l-24pxg-2y
Catalyst C9200l-24pxg-4x
Catalyst C9200l-24t-4g
Catalyst C9200l-24t-4x
Catalyst C9200l-48p-4g
Catalyst C9200l-48p-4x
Catalyst C9200l-48pxg-2y
Catalyst C9200l-48pxg-4x
Catalyst C9200l-48t-4g
Catalyst C9200l-48t-4x
Catalyst C9300-24p
Catalyst C9300-24s
Catalyst C9300-24t
Catalyst C9300-24u
Catalyst C9300-24ux
Catalyst C9300-48p
Catalyst C9300-48s
Catalyst C9300-48t
Catalyst C9300-48u
Catalyst C9300-48un
Catalyst C9300-48uxm
Catalyst C9300l-24p-4g
Catalyst C9300l-24p-4x
Catalyst C9300l-24t-4g
Catalyst C9300l-24t-4x
Catalyst C9300l-48p-4g
Catalyst C9300l-48p-4x
Catalyst C9300l-48t-4g
Catalyst C9300l-48t-4x
Catalyst C9404r
Catalyst C9407r
Catalyst C9410r
Catalyst C9500-12q
Catalyst C9500-12q-a
Catalyst C9500-12q-e
Catalyst C9500-16x
Catalyst C9500-16x-a
Catalyst C9500-16x-e
Catalyst C9500-24q
Catalyst C9500-24q-a
Catalyst C9500-24q-e
Catalyst C9500-24y4c
Catalyst C9500-32c
Catalyst C9500-32qc
Catalyst C9500-40x
Catalyst C9500-40x-a
Catalyst C9500-40x-e
Catalyst C9500-48y4c
Catalyst C9600-lc-24c
Catalyst C9600-lc-48s
Catalyst C9600-lc-48tx
Catalyst C9600-lc-48yl
Ios Xe Rom Monitor
Advisories
Source ID Title
EUVD EUVD-2022-26114 A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 01 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-01T18:49:04.147Z

Reserved: 2021-11-02T00:00:00

Link: CVE-2022-20864

Vulnrichment

Updated: 2024-08-03T02:24:50.242Z

NVD

Status: Modified

Published: 2022-10-10T21:15:10.207

Modified: 2024-11-21T06:43:42.610

Link: CVE-2022-20864

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses