⚠ Actively exploited
Added to CISA KEV on 2022-05-23. Federal agencies required to patch by 2022-06-13. Required action: Apply updates per vendor instructions.

CVE-2022-20821: Sensitive Information Exposure in Cisco IOS XR Software

Severity: 6.5 MEDIUM (NVD)
EPSS: 8.8% (top 7.45%)
CISA KEV: Added 2022-05-23, due 2022-06-13
Exploit: Exploited in the wild; active exploitation observed
Affected products
Timeline
KEV added: May 23
Published: May 26
Latest update: May 27
KEV due: Jun 13
CISA Required Action: Apply updates per vendor instructions.

Description

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Exploitability: 3.9 | Impact: 2.5

Affected Packages (1 package)

🔴 Vulnerability Details (3)

GHSA: GHSA-6whc-cmc9-99q6: A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is (2022-05-27)
CVEList: Cisco IOS XR Software Health Check Open Port Vulnerability (2022-05-26)
VulnCheck: Cisco IOS XR Open Port Vulnerability (2022)

📋 Vendor Advisories (2)

CISA: Cisco IOS XR Open Port Vulnerability (2022-05-23)
Cisco: Cisco IOS XR Software Health Check Open Port Vulnerability (2022-05-20)
CVE-2022-20821: Sensitive Information Exposure | cvebase