Rewterz Threat Advisory – CVE-2022-0517 – Mozilla VPN Vulnerability
February 25, 2022Rewterz Threat Advisory – CVE-2022-22944- VMware Workspace ONE Boxer Vulnerability
February 25, 2022Rewterz Threat Advisory – CVE-2022-0517 – Mozilla VPN Vulnerability
February 25, 2022Rewterz Threat Advisory – CVE-2022-22944- VMware Workspace ONE Boxer Vulnerability
February 25, 2022Severity
High
Analysis Summary
CVE-2022-20650
Cisco INX-OS Software could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by command injection vulnerability in the NX-API feature. By sending a specially crafted HTTP POST request to the NX-API, an attacker could exploit this vulnerability to execute arbitrary commands with root privileges.
Impact
- Command Execution
Indicators of Compromise
CVE
- CVE-2022-20650
Affected Vendors
Cisco
Affected Products
- Cisco NX-OS
- Cisco Nexus 3000 Series Switches
- Cisco Nexus 9000 Series Switches
- Cisco Nexus 5500 Platform Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.