← voltar
CVE-2022-20719

Cisco IOx Application Hosting Environment Vulnerabilities

CVSS 5.5 MEDIUMEPSS 2.6%CWE-22
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.5EPSS 2.6%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
15 abr 2022Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
Produtos afetados
Cisco · Cisco IOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/orangecertcc/security-research/security/advisories/GHSA-8v5w-4fhm-gqxjhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj