Rewterz Threat Advisory – CVE-2022-20823 – Cisco NX-OS Software Vulnerability
August 25, 2022Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
August 25, 2022Rewterz Threat Advisory – CVE-2022-20823 – Cisco NX-OS Software Vulnerability
August 25, 2022Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
August 25, 2022Severity
High
Analysis Summary
CVE-2022-20921
Cisco ACI Multi-Site Orchestrator (MSO) could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization on specific APIs. By sending specially-crafted HTTP requests, an <authenticated> attacker could exploit this vulnerability to elevate to Administrator privileges
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-20921
Affected Vendors
Cisco
Affected Products
Cisco ACI Multi-Site Orchestrator (MSO) 3.0
Cisco ACI Multi-Site Orchestrator (MSO) 3.1
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.