← volver
CVE-2022-20630

Cisco DNA Center Information Disclosure Vulnerability

CVSS 4.4 MEDIUMEPSS 0.2%CWE-200
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.4EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
10 feb 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs through the CLI. A successful exploit could allow the attacker to retrieve sensitive information that includes user credentials.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N