Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
| Link | Resource |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj | Vendor Advisory |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
21 Nov 2024, 06:43
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 5.5 |
| References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj - Vendor Advisory |
22 May 2023, 18:57
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1131:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_111x:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:* |
| First Time |
Cisco 1111x Integrated Services Router
Cisco 1109 Integrated Services Router Cisco 1100-6g Integrated Services Router Cisco 1160 Integrated Services Router Cisco 1120 Integrated Services Router Cisco 1131 Integrated Services Router Cisco 4221 Integrated Services Router Cisco 1101 Integrated Services Router Cisco 1100-4g Integrated Services Router Cisco 111x Integrated Services Router |
Information
Published : 2022-04-15 15:15
Updated : 2024-11-21 06:43
NVD link : CVE-2022-20677
Mitre link : CVE-2022-20677
CVE.ORG link : CVE-2022-20677
JSON object : View
Products Affected
cisco
- 4221_integrated_services_router
- 8201-32fh
- catalyst_3850
- catalyst_8500l
- asr_900
- asr_9903
- catalyst_9800
- asr_9010
- 1160_integrated_services_router
- 1101_integrated_services_router
- ios
- asr_9902
- catalyst_8200
- asr_9901
- 1100-4g_integrated_services_router
- catalyst_cg418-e
- 8201
- asr_1006-x
- catalyst_9300
- asr_1009-x
- 1131_integrated_services_router
- catalyst_cg522-e
- 8202
- 8101-32fh
- 8101-32h
- 8800
- catalyst_ie3200
- cloud_services_router_1000v
- asr_9912
- catalyst_ess9300
- catalyst_8300
- asr_9001
- catalyst_9500h
- esr3300
- catalyst_9400
- catalyst_ie3300
- catalyst_9800-cl
- catalyst_ie3400
- 1100-6g_integrated_services_router
- catalyst_9800-l
- asr_1001-x
- asr_9904
- 1109_integrated_services_router
- catalyst_9800-80
- catalyst_9800-40
- asr_9000v-v2
- catalyst_9600
- asr_1002-hx
- catalyst_3650
- catalyst_8500
- catalyst_ie9300
- asr_9006
- 111x_integrated_services_router
- catalyst_9500
- esr6300
- catalyst_9200
- asr_9910
- 1111x_integrated_services_router
- asr_9906
- asr_9922
- 8102-64h
- 1120_integrated_services_router