PT-2022-6016 · Cisco · Cisco Sd-Wan+5

Published

2022-09-29

·

Updated

2024-01-15

·

CVE-2022-20818

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Cisco SD-WAN Software (affected versions not specified)
Cisco SD-WAN vBond Orchestrator (affected versions not specified)
Cisco SD-WAN vEdge Cloud Routers (affected versions not specified)
Cisco SD-WAN vEdge Routers (affected versions not specified)
Cisco SD-WAN vSmart Controller (affected versions not specified)
Cisco SD-WAN vManage (affected versions not specified)
Description

The vulnerability stems from improper access controls on commands within the application CLI of Cisco SD-WAN Software, allowing an authenticated, local attacker to gain elevated privileges. The attacker runs a crafted command on the application CLI and, on success, can execute arbitrary commands as the root user. A related flaw, incorrect restriction of a path name to a limited directory (path traversal), could allow the same attacker to create or overwrite critical files as the root user. Per the CVSS vector (AV:L, PR:L), exploitation requires an existing local account with CLI access; no user interaction is needed.
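The weakness class the description names, shown as an added illustration: this is hypothetical Python written for this page, not Cisco's code and not the actual SD-WAN CLI handler. It models a root-run command that takes a file name from a low-privilege operator and writes it under a fixed export directory, first with only an absolute-path check (both a dot-dot payload and a planted symlink walk out of the directory), then with a realpath-plus-containment check that refuses both. The directory layout, file names and payloads are constructed for the demo; `BASE/outside` stands in for any location on the appliance the root process can reach.

```python
"""Path traversal in a privileged CLI handler: vulnerable vs. hardened.

Hypothetical illustration for CVE-2022-20818's weakness class (CWE-22 style
directory escape in a root-run command). Not Cisco's code.
"""
import os
import tempfile

# Constructed sandbox: BASE/export is the only directory the command should
# write to; BASE/outside represents "anywhere else on the box" (e.g. /etc).
BASE = tempfile.mkdtemp(prefix="cli_demo_")
EXPORT_DIR = os.path.join(BASE, "export")
OUTSIDE_DIR = os.path.join(BASE, "outside")
os.makedirs(EXPORT_DIR)
os.makedirs(OUTSIDE_DIR)


def vulnerable_write(name: str, data: bytes) -> str:
    """Weak handler: rejects only absolute paths, then joins and writes.

    '..' segments and symlinks still lead out of EXPORT_DIR, so when this runs
    as root the caller can create or overwrite arbitrary files. Returns the
    real path that was actually written, to make the escape visible.
    """
    if name.startswith("/"):
        raise PermissionError("absolute path rejected")
    target = os.path.join(EXPORT_DIR, name)
    with open(target, "wb") as fh:
        fh.write(data)
    return os.path.realpath(target)


def confined_path(name: str) -> str:
    """Resolve NAME under EXPORT_DIR and prove the result stays inside it.

    realpath() collapses '..' and follows symlinks before the check, so the
    comparison is made on the path the kernel would really open.
    """
    root = os.path.realpath(EXPORT_DIR)
    target = os.path.realpath(os.path.join(root, name))
    if target == root or os.path.commonpath([root, target]) != root:
        raise ValueError(f"path escapes export directory: {name!r}")
    return target


def hardened_write(name: str, data: bytes) -> str:
    """Same command, but only writes to a path confined_path() has approved."""
    target = confined_path(name)
    with open(target, "wb") as fh:
        fh.write(data)
    return target


def demo() -> dict:
    """Run both handlers against a dot-dot payload and a symlink payload.

    Returns what each handler did so the outcome can be inspected or asserted.
    """
    link = os.path.join(EXPORT_DIR, "link")
    if not os.path.lexists(link):
        os.symlink(OUTSIDE_DIR, link)  # symlink an operator planted earlier
    outside = os.path.realpath(OUTSIDE_DIR)
    results = {}
    # Vulnerable handler: both payloads land outside the export directory.
    results["dotdot_escaped"] = vulnerable_write(
        "../outside/pwned.txt", b"owned").startswith(outside)
    results["symlink_escaped"] = vulnerable_write(
        "link/pwned2.txt", b"owned").startswith(outside)
    # Hardened handler: both payloads are refused before any file is opened.
    for payload in ("../outside/pwned.txt", "link/pwned2.txt"):
        try:
            confined_path(payload)
            results[payload] = "allowed"
        except ValueError:
            results[payload] = "blocked"
    # A benign name still works.
    results["benign"] = hardened_write("report.txt", b"fine").startswith(
        os.path.realpath(EXPORT_DIR))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The decisive detail is that the check runs on the fully resolved path, not on the string the operator typed: a `startswith("/")` or `".." not in name` filter is exactly the kind of incomplete restriction the description calls "incorrect restriction of the directory path name", and a symlink defeats it without any dot-dot at all.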
Recommendations

For Cisco SD-WAN Software, restrict access to the application CLI to minimize the risk of exploitation. For Cisco SD-WAN vBond Orchestrator, Cisco SD-WAN vEdge Cloud Routers, Cisco SD-WAN vEdge Routers, Cisco SD-WAN vSmart Controller, and Cisco SD-WAN vManage, restrict access to the vulnerable CLI commands until a patch is available. As a temporary workaround, disable commands that allow execution of arbitrary commands as the root user until a patch is available. Because the attack requires a local account with CLI access, limiting which accounts are granted CLI access and auditing CLI command execution for these accounts reduces exposure in the meantime. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Path traversal

Related Identifiers

BDU:2022-07467
CVE-2022-20818

Affected Products

Cisco SD-WAN
Cisco SD-WAN vBond Orchestrator
Cisco SD-WAN vEdge Cloud Routers
Cisco SD-WAN vEdge Routers
Cisco SD-WAN vManage
Cisco SD-WAN vSmart Controller