CVE-2022-20725

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 15-04-2022 05:15

Last modified: - 16-05-2022 04:58

Total changes: - 3

Description

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

High

Privileges required

Changed

Scope

Required

User interaction

4.8

Base score

1.7

2.7

Exploitability score

Impact score

Verification logic

AND

vendor=cisco AND product=ios AND version=15.6\(2\)t3

vendor=cisco AND product=ios AND version=15.6\(1\)t2

vendor=cisco AND product=ios AND version=15.6\(2\)t1

vendor=cisco AND product=ios AND version=15.6\(3\)m1

vendor=cisco AND product=ios AND version=15.6\(3\)m3

vendor=cisco AND product=ios AND version=15.7\(3\)m

vendor=cisco AND product=ios AND version=15.6\(3\)m2a

vendor=cisco AND product=ios_xe AND version=16.6.1

vendor=cisco AND product=ios AND version=15.6\(2\)t2

vendor=cisco AND product=ios AND version=15.6\(1\)t1

vendor=cisco AND product=ios AND version=15.2\(5\)e1

vendor=cisco AND product=ios AND version=15.2\(5\)e2c

vendor=cisco AND product=ios AND version=15.6\(1\)t3

vendor=cisco AND product=ios AND version=15.6\(2\)t

vendor=cisco AND product=ios AND version=15.6\(3\)m

vendor=cisco AND product=ios AND version=15.6\(3\)m0a

vendor=cisco AND product=ios AND version=15.6\(3\)m1b

vendor=cisco AND product=ios AND version=15.6\(3\)m2

vendor=cisco AND product=ios_xe AND version=16.3.1

vendor=cisco AND product=ios_xe AND version=16.3.1a

vendor=cisco AND product=ios_xe AND version=16.3.2

vendor=cisco AND product=ios_xe AND version=16.3.3

vendor=cisco AND product=ios_xe AND version=16.3.4

vendor=cisco AND product=ios_xe AND version=16.3.5b

vendor=cisco AND product=ios_xe AND version=16.3.6

vendor=cisco AND product=ios_xe AND version=16.4.1

vendor=cisco AND product=ios_xe AND version=16.4.2

vendor=cisco AND product=ios_xe AND version=16.5.1

vendor=cisco AND product=ios_xe AND version=16.5.1a

vendor=cisco AND product=ios_xe AND version=16.5.1b

vendor=cisco AND product=ios AND version=15.2\(6\)e0a

vendor=cisco AND product=ios AND version=15.2\(6\)e1

vendor=cisco AND product=ios AND version=15.6\(2\)t0a

vendor=cisco AND product=ios AND version=15.6\(3\)m1a

vendor=cisco AND product=ios AND version=15.6\(3\)m3a

vendor=cisco AND product=ios AND version=15.6\(3\)m4

vendor=cisco AND product=ios AND version=15.6\(3\)m5

vendor=cisco AND product=ios AND version=15.7\(3\)m0a

vendor=cisco AND product=ios AND version=15.7\(3\)m1

vendor=cisco AND product=ios AND version=15.7\(3\)m2

vendor=cisco AND product=ios AND version=15.7\(3\)m3

vendor=cisco AND product=ios AND version=15.8\(3\)m0a

vendor=cisco AND product=ios_xe AND version=16.3.5

vendor=cisco AND product=ios_xe AND version=16.3.7

vendor=cisco AND product=ios_xe AND version=16.3.8

vendor=cisco AND product=ios_xe AND version=16.4.3

vendor=cisco AND product=ios_xe AND version=16.5.2

vendor=cisco AND product=ios_xe AND version=16.5.3

vendor=cisco AND product=ios_xe AND version=16.6.2

vendor=cisco AND product=ios_xe AND version=16.6.3

vendor=cisco AND product=ios_xe AND version=16.6.4

vendor=cisco AND product=ios_xe AND version=16.6.4s

vendor=cisco AND product=ios_xe AND version=16.7.1

vendor=cisco AND product=ios_xe AND version=16.7.1a

vendor=cisco AND product=ios_xe AND version=16.7.1b

vendor=cisco AND product=ios_xe AND version=16.7.2

vendor=cisco AND product=ios_xe AND version=16.7.3

vendor=cisco AND product=ios_xe AND version=16.8.1

vendor=cisco AND product=ios_xe AND version=16.8.1a

vendor=cisco AND product=ios_xe AND version=16.8.1b

vendor=cisco AND product=ios_xe AND version=16.8.1c

vendor=cisco AND product=ios_xe AND version=16.8.1d

vendor=cisco AND product=ios_xe AND version=16.8.1e

vendor=cisco AND product=ios_xe AND version=16.8.1s

vendor=cisco AND product=ios_xe AND version=16.8.2

vendor=cisco AND product=ios_xe AND version=16.9.1

vendor=cisco AND product=ios_xe AND version=16.9.1b

vendor=cisco AND product=ios_xe AND version=16.9.1c

vendor=cisco AND product=ios_xe AND version=16.9.1d

vendor=cisco AND product=ios_xe AND version=16.9.1s

vendor=cisco AND product=ios AND version=15.2\(6\)e2a

vendor=cisco AND product=ios AND version=15.2\(7\)e

vendor=cisco AND product=ios AND version=15.2\(7\)e0b

vendor=cisco AND product=ios AND version=15.2\(7\)e0s

vendor=cisco AND product=ios AND version=15.6\(3\)m6

vendor=cisco AND product=ios AND version=15.6\(3\)m6a

vendor=cisco AND product=ios AND version=15.6\(3\)m6b

vendor=cisco AND product=ios AND version=15.6\(3\)m7

vendor=cisco AND product=ios AND version=15.6\(3\)m8

vendor=cisco AND product=ios AND version=15.6\(3\)m9

vendor=cisco AND product=ios AND version=15.7\(3\)m4

vendor=cisco AND product=ios AND version=15.7\(3\)m4a

vendor=cisco AND product=ios AND version=15.7\(3\)m4b

vendor=cisco AND product=ios AND version=15.7\(3\)m5

vendor=cisco AND product=ios AND version=15.7\(3\)m6

vendor=cisco AND product=ios AND version=15.7\(3\)m7

vendor=cisco AND product=ios AND version=15.8\(3\)m

vendor=cisco AND product=ios AND version=15.8\(3\)m0b

vendor=cisco AND product=ios AND version=15.8\(3\)m1

vendor=cisco AND product=ios AND version=15.8\(3\)m1a

vendor=cisco AND product=ios AND version=15.8\(3\)m2

vendor=cisco AND product=ios AND version=15.8\(3\)m2a

vendor=cisco AND product=ios AND version=15.8\(3\)m3

vendor=cisco AND product=ios AND version=15.8\(3\)m3a

vendor=cisco AND product=ios AND version=15.8\(3\)m3b

vendor=cisco AND product=ios AND version=15.8\(3\)m4

vendor=cisco AND product=ios AND version=15.8\(3\)m5

vendor=cisco AND product=ios AND version=15.9\(3\)m

vendor=cisco AND product=ios AND version=15.9\(3\)m0a

vendor=cisco AND product=ios_xe AND version=16.3.9

vendor=cisco AND product=ios_xe AND version=16.3.10

vendor=cisco AND product=ios_xe AND version=16.6.4a

vendor=cisco AND product=ios_xe AND version=16.6.5

vendor=cisco AND product=ios_xe AND version=16.6.5a

vendor=cisco AND product=ios_xe AND version=16.6.5b

vendor=cisco AND product=ios_xe AND version=16.6.6

vendor=cisco AND product=ios_xe AND version=16.6.7

vendor=cisco AND product=ios_xe AND version=16.6.7a

vendor=cisco AND product=ios_xe AND version=16.7.4

vendor=cisco AND product=ios_xe AND version=16.8.3

vendor=cisco AND product=ios_xe AND version=16.9.1a

vendor=cisco AND product=ios_xe AND version=16.9.2

vendor=cisco AND product=ios_xe AND version=16.9.2a

vendor=cisco AND product=ios_xe AND version=16.9.2s

vendor=cisco AND product=ios_xe AND version=16.9.3

vendor=cisco AND product=ios_xe AND version=16.9.3a

vendor=cisco AND product=ios_xe AND version=16.9.3h

vendor=cisco AND product=ios_xe AND version=16.9.3s

vendor=cisco AND product=ios_xe AND version=16.9.4

vendor=cisco AND product=ios_xe AND version=16.9.4c

vendor=cisco AND product=ios_xe AND version=16.9.5

vendor=cisco AND product=ios_xe AND version=16.10.1

vendor=cisco AND product=ios_xe AND version=16.10.1a

vendor=cisco AND product=ios_xe AND version=16.10.1b

vendor=cisco AND product=ios_xe AND version=16.10.1c

vendor=cisco AND product=ios_xe AND version=16.10.1d

vendor=cisco AND product=ios_xe AND version=16.10.1e

vendor=cisco AND product=ios_xe AND version=16.10.1f

vendor=cisco AND product=ios_xe AND version=16.10.1g

vendor=cisco AND product=ios_xe AND version=16.10.1s

vendor=cisco AND product=ios_xe AND version=16.10.2

vendor=cisco AND product=ios_xe AND version=16.10.3

vendor=cisco AND product=ios_xe AND version=16.11.1

vendor=cisco AND product=ios_xe AND version=16.11.1a

vendor=cisco AND product=ios_xe AND version=16.11.1b

vendor=cisco AND product=ios_xe AND version=16.11.1c

vendor=cisco AND product=ios_xe AND version=16.11.1s

vendor=cisco AND product=ios_xe AND version=16.11.2

vendor=cisco AND product=ios_xe AND version=16.12.1

vendor=cisco AND product=ios_xe AND version=16.12.1a

vendor=cisco AND product=ios_xe AND version=16.12.1c

vendor=cisco AND product=ios_xe AND version=16.12.1s

vendor=cisco AND product=ios_xe AND version=16.12.1t

vendor=cisco AND product=ios_xe AND version=16.12.1w

vendor=cisco AND product=ios_xe AND version=16.12.1x

vendor=cisco AND product=ios_xe AND version=16.12.1y

vendor=cisco AND product=ios_xe AND version=16.12.2

vendor=cisco AND product=ios_xe AND version=16.12.2a

vendor=cisco AND product=ios_xe AND version=16.12.4

vendor=cisco AND product=ios_xe AND version=17.1.1

vendor=cisco AND product=cgr1000_compute_module

vendor=cisco AND product=ic3000_industrial_compute_gateway

vendor=cisco AND product=ir510_operating_system

vendor=cisco AND product=ios AND version=15.7\(3\)m8

vendor=cisco AND product=ios AND version=15.7\(3\)m9

vendor=cisco AND product=ios AND version=15.8\(3\)m6

vendor=cisco AND product=ios AND version=15.8\(3\)m7

vendor=cisco AND product=ios AND version=15.9\(3\)m1

vendor=cisco AND product=ios AND version=15.9\(3\)m2

vendor=cisco AND product=ios AND version=15.9\(3\)m2a

vendor=cisco AND product=ios AND version=15.9\(3\)m3

vendor=cisco AND product=ios AND version=15.9\(3\)m3a

vendor=cisco AND product=ios AND version=15.9\(3\)m3b

vendor=cisco AND product=ios AND version=15.9\(3\)m4

vendor=cisco AND product=ios AND version=15.9\(3\)m4a

vendor=cisco AND product=ios_xe AND version=16.3.11

vendor=cisco AND product=ios_xe AND version=16.6.8

vendor=cisco AND product=ios_xe AND version=16.6.9

vendor=cisco AND product=ios_xe AND version=16.6.10

vendor=cisco AND product=ios_xe AND version=16.9.5f

vendor=cisco AND product=ios_xe AND version=16.9.6

vendor=cisco AND product=ios_xe AND version=16.9.7

vendor=cisco AND product=ios_xe AND version=16.9.8

vendor=cisco AND product=ios_xe AND version=16.12.2s

vendor=cisco AND product=ios_xe AND version=16.12.2t

vendor=cisco AND product=ios_xe AND version=16.12.3

vendor=cisco AND product=ios_xe AND version=16.12.3a

vendor=cisco AND product=ios_xe AND version=16.12.3s

vendor=cisco AND product=ios_xe AND version=16.12.4a

vendor=cisco AND product=ios_xe AND version=16.12.5

vendor=cisco AND product=ios_xe AND version=16.12.5a

vendor=cisco AND product=ios_xe AND version=17.1.1a

vendor=cisco AND product=ios_xe AND version=17.1.1s

vendor=cisco AND product=ios_xe AND version=17.1.1t

vendor=cisco AND product=ios_xe AND version=17.1.2

vendor=cisco AND product=ios_xe AND version=17.1.3

vendor=cisco AND product=ios_xe AND version=17.2.1

vendor=cisco AND product=ios_xe AND version=17.2.1a

vendor=cisco AND product=ios_xe AND version=17.2.1r

vendor=cisco AND product=ios_xe AND version=17.2.1v

vendor=cisco AND product=ios_xe AND version=17.2.2

vendor=cisco AND product=ios_xe AND version=17.2.3

vendor=cisco AND product=ios_xe AND version=17.3.1

vendor=cisco AND product=ios_xe AND version=17.3.1a

vendor=cisco AND product=ios_xe AND version=17.3.1w

vendor=cisco AND product=ios_xe AND version=17.3.1x

vendor=cisco AND product=ios_xe AND version=17.3.1z

vendor=cisco AND product=ios_xe AND version=17.3.2

vendor=cisco AND product=ios_xe AND version=17.3.2a

vendor=cisco AND product=ios_xe AND version=17.3.3

vendor=cisco AND product=ios_xe AND version=17.3.3a

vendor=cisco AND product=ios_xe AND version=17.3.4

vendor=cisco AND product=ios_xe AND version=17.3.4a

vendor=cisco AND product=ios_xe AND version=17.3.4b

vendor=cisco AND product=ios_xe AND version=17.3.4c

vendor=cisco AND product=ios_xe AND version=17.4.1

vendor=cisco AND product=ios_xe AND version=17.4.1a

vendor=cisco AND product=ios_xe AND version=17.4.1b

vendor=cisco AND product=ios_xe AND version=17.4.1c

vendor=cisco AND product=ios_xe AND version=17.4.2

vendor=cisco AND product=ios_xe AND version=17.4.2a

vendor=cisco AND product=ios_xe AND version=17.5.1

vendor=cisco AND product=ios_xe AND version=17.5.1a

vendor=cisco AND product=ios_xe AND version=17.6.1

vendor=cisco AND product=ios_xe AND version=17.6.1a

vendor=cisco AND product=886va-w_integrated_services_router AND version=-

vendor=cisco AND product=cgr_1240 AND version=-

vendor=cisco AND product=888_integrated_services_router AND version=-

vendor=cisco AND product=887v_integrated_services_router AND version=-

vendor=cisco AND product=887va_integrated_services_router AND version=-

vendor=cisco AND product=cgr_1120 AND version=-

vendor=cisco AND product=880_3g_integrated_services_router AND version=-

vendor=cisco AND product=886va_integrated_services_router AND version=-

vendor=cisco AND product=892_integrated_services_router AND version=-

vendor=cisco AND product=881_integrated_services_router AND version=-

vendor=cisco AND product=800m_integrated_services_router AND version=-

vendor=cisco AND product=861_integrated_services_router AND version=-

vendor=cisco AND product=866vae_integrated_services_router AND version=-

vendor=cisco AND product=867_integrated_services_router AND version=-

vendor=cisco AND product=880-voice_integrated_services_router AND version=-

vendor=cisco AND product=881_3g_integrated_services_router AND version=-

vendor=cisco AND product=881-cube_integrated_services_router AND version=-

vendor=cisco AND product=886_integrated_services_router AND version=-

vendor=cisco AND product=887_integrated_services_router AND version=-

vendor=cisco AND product=887va-cube_integrated_services_router AND version=-

vendor=cisco AND product=887vamg_3g_integrated_services_router AND version=-

vendor=cisco AND product=887vam-w_integrated_services_router AND version=-

vendor=cisco AND product=887va-w_integrated_services_router AND version=-

vendor=cisco AND product=888-cube_integrated_services_router AND version=-

vendor=cisco AND product=888e_integrated_services_router AND version=-

vendor=cisco AND product=891_integrated_services_router AND version=-

vendor=cisco AND product=891-24x_integrated_services_router AND version=-

vendor=cisco AND product=892f-cube_integrated_services_router AND version=-

vendor=cisco AND product=860vae-w_integrated_services_router AND version=-

vendor=cisco AND product=819_hardened_dual_radio_802.11n_wifi_integrated_services_router AND version=-

vendor=cisco AND product=807_industrial_integrated_services_router AND version=-

vendor=cisco AND product=829_industrial_integrated_services_router AND version=-

vendor=cisco AND product=812_3g_integrated_services_router AND version=-

vendor=cisco AND product=812_cifi_integrated_services_router AND version=-

vendor=cisco AND product=861w_integrated_services_router AND version=-

vendor=cisco AND product=867vae_integrated_services_router AND version=-

vendor=cisco AND product=881w_integrated_services_router AND version=-

vendor=cisco AND product=886va-cube_integrated_services_router AND version=-

vendor=cisco AND product=886vag_3g_integrated_services_router AND version=-

vendor=cisco AND product=887vag_3g_integrated_services_router AND version=-

vendor=cisco AND product=888e-cube_integrated_services_router AND version=-

vendor=cisco AND product=888eg_3g_integrated_services_router AND version=-

vendor=cisco AND product=888w_integrated_services_router AND version=-

vendor=cisco AND product=891w_integrated_services_router AND version=-

vendor=cisco AND product=892w_integrated_services_router AND version=-

vendor=cisco AND product=819_hardened_integrated_services_router AND version=-

vendor=cisco AND product=cgr_1000 AND version=-

vendor=cisco AND product=ie-4000-16gt4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-16t4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-4gc4gp4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-4gs8gp4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-4s8p4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-4t4p4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-4tc4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-8gs4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-8gt4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-8gt8gp4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-8s4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4000-8t4g-e_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4010-16s12p_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ie-4010-4s24p_industrial_ethernet_switch AND version=-

vendor=cisco AND product=ic3000_industrial_compute_gateway AND version=-

vendor=cisco AND product=ir510_wpan AND version=-

Reference

Keywords

CVE-2022-20725

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-20725

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures