CVE-2022-20655
published 2024-11-15CVE-2022-20655: A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection…
high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack.
The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.
Affected
66 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |
| cisco | cisco_carrier_packet_transport | — | — |