CVE-2022-20762

Name of the Vulnerable Software and Affected Versions Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure (SMI) (affected versions not specified)

Description The issue is related to insufficient access control in the Common Execution Environment (CEE) ConfD CLI, which could allow an authenticated, local attacker to escalate privileges on an affected device. An attacker could exploit this by authenticating as a CEE ConfD CLI user and executing a specific CLI command, potentially accessing privileged containers with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.