CVE-2022-20655

Summary

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco IOS XR SoftwareN/Aaffected
CiscoCisco Virtual Topology System (VTS)N/Aaffected
CiscoCisco Network Services OrchestratorN/Aaffected
CiscoCisco Enterprise NFV Infrastructure SoftwareN/Aaffected
CiscoCisco Catalyst SD-WANN/Aaffected
CiscoCisco Catalyst SD-WAN ManagerN/Aaffected
CiscoCisco IOS XE Catalyst SD-WANN/Aaffected
CiscoCisco SD-WAN vEdge RouterN/Aaffected
CiscoCisco Ultra Gateway PlatformN/Aaffected
CiscoCisco Carrier Packet Transport3.5affected
CiscoCisco Carrier Packet Transport3.1affected
CiscoCisco Carrier Packet Transport3.2affected
CiscoCisco Carrier Packet Transport2.5affected
CiscoCisco Carrier Packet Transport2.0affected
CiscoCisco Carrier Packet Transport9.2.2affected
CiscoCisco Carrier Packet Transport1.4.0affected
CiscoCisco Carrier Packet Transport1.0affected
CiscoCisco Carrier Packet Transport1.1affected
CiscoCisco Carrier Packet Transport1.2affected
CiscoCisco Carrier Packet Transport2.1.0affected
CiscoCisco Carrier Packet Transport2.3.0affected
CiscoCisco Carrier Packet Transport2.3.3affected
CiscoCisco Carrier Packet Transport2.3.5affected
CiscoCisco Carrier Packet Transport2.3.4affected
CiscoCisco Carrier Packet Transport2.0.1affected
CiscoCisco Carrier Packet Transport2.0.0affected
CiscoCisco Carrier Packet Transport2.0.3affected
CiscoCisco Carrier Packet Transport2.0.4affected
CiscoCisco Carrier Packet Transport2.0.5affected
CiscoCisco Carrier Packet Transport2.4.0affected
CiscoCisco Carrier Packet Transport2.2.2affected
CiscoCisco Carrier Packet Transport2.2.3affected
CiscoCisco Carrier Packet Transport10.8.0affected
CiscoCisco Carrier Packet Transport7.0.3affected
CiscoCisco Carrier Packet Transport7.0.1affected
CiscoCisco Carrier Packet Transport1.0.2affected
CiscoCisco Carrier Packet Transport1.1.1affected
CiscoCisco Carrier Packet Transport1.1.2affected
CiscoCisco Carrier Packet Transport4.1affected
CiscoCisco Carrier Packet Transport4.0affected
CiscoCisco Carrier Packet Transport12.1.0affected
CiscoCisco Carrier Packet Transport9.8.1affected
CiscoCisco Carrier Packet Transport9.8.0affected
CiscoCisco Carrier Packet Transport4.1.82affected
CiscoCisco Carrier Packet Transport4.1.4affected
CiscoCisco Carrier Packet Transport4.6.1affected
CiscoCisco Carrier Packet Transport4.0.4affected
CiscoCisco Carrier Packet Transport4.0.3affected
CiscoCisco Carrier Packet Transport6.2.4affected
CiscoCisco Carrier Packet Transport3.0.5affected
CiscoCisco Carrier Packet Transport3.0.6affected
CiscoCisco Carrier Packet Transport3.0.7affected
CiscoCisco Carrier Packet Transport3.0.3affected
CiscoCisco Carrier Packet Transport3.0.0affected
CiscoCisco Carrier Packet Transport9.5.0affected
CiscoCisco Carrier Packet Transport9.5.3affected
CiscoCisco Carrier Packet Transport9.5.1affected
CiscoCisco Carrier Packet Transport9.5.2affected
CiscoCisco Carrier Packet Transport9.7.0affected
CiscoCisco Carrier Packet Transport9.521affected
CiscoCisco Carrier Packet Transport4.5.0affected
CiscoCisco Carrier Packet Transport4.7.0affected
CiscoCisco Carrier Packet Transport3.2.0affected
CiscoCisco Carrier Packet Transport3.2.1affected
CiscoCisco Carrier Packet Transport3.1.0affected

Weaknesses

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References