CVE-2022-20681

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands with level 15 privileges on the affected device.

Published: Apr 15, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-20681
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	16.12.1	16.12.1.x
cisco / ios_xe	16.11.1	16.11.1.x
cisco / ios_xe	17.1.1	17.1.1.x
cisco / ios_xe	16.11.1a	16.11.1a.x
cisco / ios_xe	16.12.1c	16.12.1c.x
cisco / ios_xe	16.12.1t	16.12.1t.x
cisco / ios_xe	16.11.2	16.11.2.x
cisco / ios_xe	16.12.1s	16.12.1s.x
cisco / ios_xe	16.12.1a	16.12.1a.x
cisco / ios_xe	16.12.1x	16.12.1x.x
cisco / ios_xe	16.11.1c	16.11.1c.x
cisco / ios_xe	16.11.1b	16.11.1b.x
cisco / ios_xe	16.11.1s	16.11.1s.x
cisco / ios_xe	16.12.1w	16.12.1w.x
cisco / ios_xe	16.12.1y	16.12.1y.x
cisco / ios_xe	16.12.2	16.12.2.x
cisco / ios_xe	16.12.2a	16.12.2a.x
cisco / ios_xe	16.12.4	16.12.4.x
cisco / ios_xe	16.12.3	16.12.3.x
cisco / ios_xe	17.2.1	17.2.1.x
cisco / ios_xe	17.4.1	17.4.1.x
cisco / ios_xe	17.1.1s	17.1.1s.x
cisco / ios_xe	16.12.2t	16.12.2t.x
cisco / ios_xe	17.1.1a	17.1.1a.x
cisco / ios_xe	16.12.2s	16.12.2s.x
cisco / ios_xe	16.12.3a	16.12.3a.x
cisco / ios_xe	17.1.1t	17.1.1t.x
cisco / ios_xe	17.2.1a	17.2.1a.x
cisco / ios_xe	17.2.1v	17.2.1v.x
cisco / ios_xe	16.12.1z	16.12.1z.x
cisco / ios_xe	16.12.3s	16.12.3s.x
cisco / ios_xe	17.2.1r	17.2.1r.x
cisco / ios_xe	17.1.2	17.1.2.x
cisco / ios_xe	16.12.4a	16.12.4a.x
cisco / ios_xe	17.1.3	17.1.3.x
cisco / ios_xe	17.2.2	17.2.2.x
cisco / ios_xe	17.3.1	17.3.1.x
cisco / ios_xe	17.4.1a	17.4.1a.x
cisco / ios_xe	17.3.2	17.3.2.x
cisco / ios_xe	17.4.1b	17.4.1b.x
cisco / ios_xe	17.3.1a	17.3.1a.x
cisco / ios_xe	17.3.2a	17.3.2a.x
cisco / ios_xe	17.3.1w	17.3.1w.x
cisco / ios_xe	17.2.3	17.2.3.x
cisco / ios_xe	17.3.1x	17.3.1x.x
cisco / ios_xe	16.12.5	16.12.5.x
cisco / ios_xe	16.12.5b	16.12.5b.x
cisco / ios_xe	16.12.1z1	16.12.1z1.x
cisco / ios_xe	16.12.5a	16.12.5a.x
cisco / ios_xe	17.5.1	17.5.1.x
cisco / ios_xe	16.12.1z2	16.12.1z2.x
cisco / ios_xe	17.3.1z	17.3.1z.x
cisco / ios_xe	17.3.3	17.3.3.x
cisco / ios_xe	17.3.3a	17.3.3a.x
cisco / ios_xe	17.4.1c	17.4.1c.x
cisco / ios_xe	17.5.1a	17.5.1a.x
cisco / ios_xe	17.6.1	17.6.1.x
cisco / ios_xe	17.3.4a	17.3.4a.x
cisco / ios_xe	17.4.2	17.4.2.x
cisco / ios_xe	17.3.4b	17.3.4b.x
cisco / ios_xe	17.6.1a	17.6.1a.x
cisco / ios_xe	17.3.4c	17.3.4c.x
cisco / ios_xe	17.4.2a	17.4.2a.x
cisco / ios_xe	17.3.4	17.3.4.x
cisco / ios_xe	17.6.1w	17.6.1w.x
cisco / ios_xe	16.12.6a	16.12.6a.x
cisco / ios_xe	16.12.6	16.12.6.x

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-priv-esc-ybvHKO5

Vulnerability Database

289,599

CVE-2022-20681