Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
| Link | Resource |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
22 May 2023, 18:57
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:isr_1101:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1131:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:* |
| First Time |
Cisco 1160 Integrated Services Router
Cisco 1120 Integrated Services Router Cisco 1111x Integrated Services Router Cisco 4221 Integrated Services Router Cisco 1100-4g Integrated Services Router Cisco 111x Integrated Services Router Cisco 1109 Integrated Services Router Cisco 1101 Integrated Services Router Cisco 1131 Integrated Services Router Cisco 1100-6g Integrated Services Router |
25 Apr 2022, 15:06
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-326 | |
| CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 6.7 |
| References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj - Vendor Advisory | |
| CPE | cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1131:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_ess9300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:esr3300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:17.6.1:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:* |
|
| First Time |
Cisco
Cisco catalyst Ie3400 Cisco isr 1111x Cisco isr 4221 Cisco asr 9902 Cisco asr 1002-hx Cisco catalyst 9500h Cisco catalyst 9800-l Cisco catalyst 9400 Cisco catalyst 8200 Cisco isr 1120 Cisco catalyst 8500 Cisco asr 9000v-v2 Cisco 8201 Cisco catalyst 9200 Cisco asr 900 Cisco 8202 Cisco asr 9001 Cisco catalyst 9600 Cisco 8800 Cisco isr 1100-6g Cisco catalyst Cg418-e Cisco catalyst 3850 Cisco 8102-64h Cisco catalyst 9800-80 Cisco isr 1100-4g Cisco isr 1131 Cisco catalyst 9500 Cisco asr 1009-x Cisco isr 111x Cisco catalyst 9800-40 Cisco asr 9904 Cisco asr 9906 Cisco isr 1109 Cisco catalyst 8300 Cisco esr3300 Cisco asr 9901 Cisco cloud Services Router 1000v Cisco asr 9912 Cisco catalyst 8500l Cisco asr 9006 Cisco catalyst Ess9300 Cisco catalyst Ie3300 Cisco esr6300 Cisco 8101-32h Cisco catalyst 9300 Cisco asr 9903 Cisco asr 9922 Cisco 8201-32fh Cisco asr 1006-x Cisco isr 1160 Cisco ios Cisco catalyst Ie3200 Cisco isr 1101 Cisco catalyst Cg522-e Cisco asr 1001-x Cisco asr 9910 Cisco 8101-32fh Cisco catalyst 9800 Cisco asr 9010 Cisco catalyst Ie9300 Cisco catalyst 3650 Cisco catalyst 9800-cl |
15 Apr 2022, 15:22
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-04-15 15:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-20677
Mitre link : CVE-2022-20677
CVE.ORG link : CVE-2022-20677
JSON object : View
Products Affected
cisco
- 8102-64h
- catalyst_8200
- 8101-32h
- 1109_integrated_services_router
- catalyst_ie3300
- asr_1002-hx
- catalyst_8500
- 1111x_integrated_services_router
- catalyst_cg522-e
- 1100-4g_integrated_services_router
- asr_9902
- ios
- esr6300
- asr_1009-x
- asr_9010
- catalyst_9800-l
- catalyst_9800-cl
- catalyst_ess9300
- catalyst_9500h
- 1131_integrated_services_router
- asr_9912
- catalyst_3650
- 1101_integrated_services_router
- 8202
- 1160_integrated_services_router
- 4221_integrated_services_router
- asr_900
- catalyst_cg418-e
- asr_1001-x
- catalyst_9800-40
- asr_9006
- catalyst_8500l
- asr_1006-x
- 8800
- catalyst_9500
- catalyst_9800-80
- asr_9901
- asr_9904
- 8201-32fh
- asr_9910
- esr3300
- cloud_services_router_1000v
- asr_9903
- catalyst_9600
- catalyst_9800
- 111x_integrated_services_router
- catalyst_ie3200
- catalyst_ie9300
- asr_9922
- asr_9000v-v2
- 8201
- catalyst_8300
- catalyst_9300
- asr_9906
- catalyst_9200
- catalyst_ie3400
- catalyst_3850
- 1120_integrated_services_router
- asr_9001
- 1100-6g_integrated_services_router
- 8101-32fh
- catalyst_9400