Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
July 26, 2022Rewterz Threat Advisory – CVE-2022-20916 – Cisco IoT Control Center Vulnerability
July 26, 2022Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities
July 26, 2022Rewterz Threat Advisory – CVE-2022-20916 – Cisco IoT Control Center Vulnerability
July 26, 2022Severity
Medium
Analysis Summary
CVE-2022-20860 CVSS:7.4
Cisco Nexus Dashboard is vulnerable to a man-in-the-middle attack, caused by the lack of validation of SSL server certificates when Cisco Nexus Dashboard is establishing a connection to Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud APIC, or Cisco Nexus Dashboard Fabric Controller, formerly Data Center Network Manager (DCNM) controllers. By using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers, a remote attacker could exploit this vulnerability to alter communications with associated controllers or view sensitive information.
CVE-2022-20906 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.
CVE-2022-20907 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.
CVE-2022-20908 CVSS:6\Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.
CVE-2022-20909 CVSS:6
Cisco Nexus Dashboard could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation during CLI command execution on an affected device. By using a malicious payload, an attacker could exploit this vulnerability to authenticate as the rescue-user, execute vulnerable CLI commands, and gain root privileges on the affected device.
Impact
- Unauthorized Access
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-20860
- CVE-2022-20906
- CVE-2022-20907
- CVE-2022-20908
- CVE-2022-20909
Affected Vendors
Cisco
Affected Products
- Cisco Nexus Dashboard 1.1
- Cisco Nexus Dashboard 2.0
- Cisco Nexus Dashboard 2.1
- Cisco Nexus Dashboard 2.2
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
Cisco Security Advisory