PT-2022-4313 · Cisco · Cisco Secure Web Appliance
Alvaro Gutierrez
·
Published
2022-08-17
·
Updated
2025-08-11
·
CVE-2022-20871
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Secure Web Appliance versions prior to 14.5.0-537
Cisco Secure Web Appliance versions 12.5 and 14.0 (updates pending)
Description
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance could allow an authenticated, remote attacker to inject operating-system commands and elevate privileges to root. The vulnerability is due to insufficient validation of user-supplied input in the web interface. An attacker could exploit it by authenticating to the system and sending a crafted HTTP request to the affected device, allowing the execution of arbitrary commands on the underlying operating system with root privileges. The attacker needs at least read-only credentials, which is why the CVSS vector carries PR:L rather than PR:N.
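The description above names the generic weakness (input reaching an OS command without validation) but not the code behind it. The following is an added illustration, not Cisco's AsyncOS code and not an exploit for this CVE: a hypothetical web-appliance diagnostics handler that builds a shell command from a `host` form field, beside a hardened version that allow-lists the value and passes it as a separate argv element. The hostname regex, the `echo`-based stand-in for the real diagnostic command, and the sample inputs are all constructed for the example.

```python
"""Hypothetical diagnostics handler showing the CWE-78 pattern behind an
authenticated web-interface command injection, and a hardened version.
This is an added illustration, not Cisco's AsyncOS code."""
import re
import shlex
import subprocess

# Constructed sample inputs: what a legitimate user, and an attacker holding
# only read-only credentials, might submit in a diagnostics form's host field.
LEGIT_HOST = "example.com"
PAYLOAD_HOST = "example.com; echo INJECTED"  # ';' ends the intended command

# Allow-list for a syntactically valid DNS hostname (labels of 1-63 chars,
# alphanumerics and '-', no leading/trailing '-', total length <= 253).
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def build_command_unsafe(host: str) -> str:
    """Vulnerable pattern: the user's input is pasted into a command line
    that is later handed to /bin/sh, so shell metacharacters are honoured."""
    return f"echo diagnostics for {host}"


def run_unsafe(host: str) -> str:
    # shell=True passes the whole string to /bin/sh: the attacker's ';' works
    # and whatever follows it runs with the web server's privileges.
    out = subprocess.run(build_command_unsafe(host), shell=True,
                         capture_output=True, text=True, check=False)
    return out.stdout


def validate_host(host: str) -> str:
    """Allow-list validation: accept only a well-formed hostname, reject
    everything else before any command is constructed."""
    if not HOSTNAME_RE.match(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    return host


def build_command_safe(host: str) -> list:
    """Hardened pattern: validated input becomes one argv element and the
    command never goes through a shell."""
    return ["echo", "diagnostics", "for", validate_host(host)]


def run_safe(host: str) -> str:
    out = subprocess.run(build_command_safe(host), shell=False,
                         capture_output=True, text=True, check=False)
    return out.stdout


def build_command_quoted(host: str) -> str:
    """Second line of defence when a shell string is unavoidable: quote the
    value so the shell treats it as a single literal word."""
    return f"echo diagnostics for {shlex.quote(host)}"


def run_quoted(host: str) -> str:
    out = subprocess.run(build_command_quoted(host), shell=True,
                         capture_output=True, text=True, check=False)
    return out.stdout


def injected(output: str) -> bool:
    """True if the attacker's appended command produced its own output line."""
    return "INJECTED" in output.splitlines()


def safe_rejects(host: str) -> bool:
    """True when the hardened handler refuses the input before anything runs."""
    try:
        build_command_safe(host)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("unsafe, payload :", repr(run_unsafe(PAYLOAD_HOST)))
    print("quoted, payload :", repr(run_quoted(PAYLOAD_HOST)))
    print("safe, payload   : rejected =", safe_rejects(PAYLOAD_HOST))
    print("safe, legit     :", repr(run_safe(LEGIT_HOST)))
```

The argv-based version is the real fix: validation limits what reaches the command, and avoiding the shell removes the interpreter that gives `;`, `|` and backticks their meaning. Quoting alone only papers over the shell problem and still lets arbitrary bytes reach the invoked program as an argument.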
Recommendations
For Cisco Secure Web Appliance versions prior to 14.5.0-537, update to version 14.5.0-537 or later.
For Cisco Secure Web Appliance versions 12.5 and 14.0, apply the pending updates as soon as they are available.
Until the update is applied, restrict access to the web management interface to trusted administrative networks, and review which accounts hold read-only access, since those credentials are sufficient to exploit the issue.
Weakness Enumeration
OS Command Injection (CWE-78)
Related Identifiers
CVE-2022-20871
Affected Products
Cisco AsyncOS
Cisco Secure Web Appliance