CVE-2022-20850

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.

CVSS v3.0 7.1 HIGH

7.1^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv	Vendor Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:sd-wan_vsmart_controller::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vbond_orchestrator::::::::
	cpe:2.3:o:cisco:ios_xe_sd-wan::::::::

Configuration 2 (hide)

AND

cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:vedge_100b:-:::::::*
	cpe:2.3:h:cisco:vedge_100m:-:::::::*
	cpe:2.3:h:cisco:vedge_100:-:::::::*
	cpe:2.3:h:cisco:vedge_1000:-:::::::*
	cpe:2.3:h:cisco:vedge_2000:-:::::::*
	cpe:2.3:h:cisco:vedge_5000:-:::::::*
	cpe:2.3:h:cisco:isr_1100:-:::::::*
	cpe:2.3:h:cisco:isr_1100-4g:-:::::::*
	cpe:2.3:h:cisco:isr_1100-6g:-:::::::*

Information

Published : 2022-09-30 12:15

Updated : 2022-10-05 09:16

NVD link : CVE-2022-20850

Mitre link : CVE-2022-20850

JSON object : View

CWE

CWE-20

Improper Input Validation

Advertisement

Products Affected

cisco

sd-wan
vedge_100b
vedge_100
vedge_1000
sd-wan_vsmart_controller
vedge_100m
ios_xe_sd-wan
vedge_2000
vedge_5000
sd-wan_vmanage
isr_1100-4g
isr_1100
sd-wan_vbond_orchestrator
isr_1100-6g

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv", "name": "20220928 Cisco SD-WAN Arbitrary File Deletion Vulnerability", "tags": ["Vendor Advisory"], "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary file path information when using commands in the CLI of an affected device. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-20850", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.8}}, "publishedDate": "2022-09-30T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.4.5"}, {"cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.4.5"}, {"cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.4.5"}, {"cpe23Uri": "cpe:2.3:o:cisco:ios_xe_sd-wan:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "16.10.1"}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "18.4.5"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:isr_1100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:isr_1100-4g:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:isr_1100-6g:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-10-05T16:16Z"}