CVE-2022-20734

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vManage Software (affected versions not specified)

Description A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This issue is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this by accessing the vshell of an affected system, potentially allowing them to read sensitive information on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-497

Related Identifiers

BDU:2022-02915

CVE-2022-20734

Affected Products

Cisco Sd-Wan Vmanage

CVE-2022-20734

Weakness Enumeration

Related Identifiers

Affected Products

References · 6