CVE-2022-20658 An attacker could exploit the web-based interface of Cisco UCMP and UCCDM to gain higher privileges.

An attacker would need valid Advanced User credentials to exploit this vulnerability. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials

Scenario

1. A malicious user tricks a system administrator into visiting a URL on the Internet that hosts an exploit for CVE-2022-20658.
2. The malicious user can then use this exploit to gain potential access to the Cisco Unified CCMP and Cisco Unified CCDM web interfaces.
3. With valid Advanced User credentials, the malicious user could potentially take down the device as well as gain unauthorized access to certain protected data on the device such as configuration files, logs, event log entries, and software image files.

Cisco Unified CallManager Advanced User Access

Privilege Escalation Vulnerability
Advanced User (AU) privileges are restricted to the Administrator, Operator, and Provisioning Manager. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco Unified CCMP and Cisco Unified CCDM are web-based management interfaces that are accessible from the Internet. As a result, these systems could be exploited by any malicious user with a valid IP address, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials.

Cisco AnyConnect Client CVE-2022-20658

An attacker would need valid Advanced User credentials to exploit this vulnerability. Cisco AnyConnect Client is a Cisco product that is used by employees while they are traveling. Cisco AnyConnect Client is a proprietary software that must be installed on the employee’s computer, and it provides VPN connectivity between the employee’s work network and their home network. As a result, this software could be exploited by malicious users with valid IP addresses, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials. Cisco AnyConnect Client is a proprietary software that must be installed on the employee’s computer. As a result, this software could be exploited by malicious users with valid IP addresses, regardless of the user’s role. In addition, a successful exploit could occur even if the user does not have valid Advanced User credentials.

Cisco Catalyst 6500 Series Switches

A vulnerability in the Cisco Catalyst 6500 Series Switches could allow an attacker to gain access to a switch and gain control of voice processing and/or data traffic.

Timeline

Published on: 01/14/2022 05:15:00 UTC
Last modified on: 01/14/2022 18:36:00 UTC

References