Rewterz Threat Alert – Donot APT Group – Active IOCs
August 26, 2022Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022Rewterz Threat Alert – Donot APT Group – Active IOCs
August 26, 2022Rewterz Threat Advisory – CVE-2021-25642 – Apache Hadoop Vulnerability
August 27, 2022Severity
Medium
Analysis Summary
CVE-2022-20865 CVSS:6.7
Cisco FXOS Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root privileges.
CVE-2022-20824 CVSS:8.8
Impact
- Command Execution
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2022-20865
- CVE-2022-20824
Affected Vendors
Cisco
Affected Products
- Cisco FXOS Software
- Cisco Firepower 4100 Series
- Cisco Firepower 9300 Security Appliances
- Cisco Nexus 3000 Series Switches
- Cisco MDS 9000 Series Multilayer Switches
- Cisco Nexus 6000 Series Switches
- Cisco Nexus 7000 Series Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.