A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root. To successfully exploit this vulnerability, an attacker would need valid credentials for a privilege level 15 user of the wireless controller.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewc-priv-esc-nderYLtK | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
27 Oct 2022, 15:47
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:* |
05 Oct 2022, 16:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:ios_xe:17.6.1:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:* |
|
First Time |
Cisco catalyst 9117axi
Cisco catalyst 9800 Cisco catalyst 9120axi Cisco catalyst 9115 Ap Cisco catalyst 9124axd Cisco catalyst 9117 Cisco catalyst 9105axw Cisco catalyst 9800-l Cisco catalyst 9120axe Cisco catalyst 9120 Cisco catalyst 9120 Ap Cisco catalyst 9115axi Cisco catalyst 9124 Cisco catalyst 9130 Cisco catalyst 9115axe Cisco catalyst 9115 Cisco catalyst 9130 Ap Cisco catalyst 9130axi Cisco catalyst 9130axe Cisco catalyst 9800-l-f Cisco catalyst 9105axi Cisco catalyst 9800-80 Cisco catalyst 9105 Cisco Cisco catalyst 9800-l-c Cisco catalyst 9120axp Cisco catalyst 9800-40 Cisco catalyst 9124axi Cisco catalyst 9800-cl Cisco catalyst 9117 Ap Cisco ios Xe |
|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewc-priv-esc-nderYLtK - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
CWE | CWE-78 |
30 Sep 2022, 19:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-30 19:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-20855
Mitre link : CVE-2022-20855
CVE.ORG link : CVE-2022-20855
JSON object : View
Products Affected
cisco
- ios_xe
- catalyst_9105axi
- catalyst_9800-cl
- catalyst_9800-l-c
- catalyst_9117
- catalyst_9120axi
- catalyst_9115axi
- catalyst_9800-l
- catalyst_9117_ap
- catalyst_9130axe
- catalyst_9124axi
- catalyst_9115axe
- catalyst_9115
- catalyst_9120axe
- catalyst_9124axd
- catalyst_9120axp
- catalyst_9130
- catalyst_9105
- catalyst_9800-40
- catalyst_9117axi
- catalyst_9105axw
- catalyst_9115_ap
- catalyst_9800-80
- catalyst_9800
- catalyst_9130_ap
- catalyst_9120_ap
- catalyst_9800-l-f
- catalyst_9130axi
- catalyst_9124
- catalyst_9120