CVE-2022-20755 The API and web-based management interfaces of Cisco Expressway and VCS could be vulnerable to write privileges if an attacker has read/write privileges.

Cisco XE Switch Software versions prior to 2.2.2, Cisco XE Software versions prior to 2.2.1, Cisco XE Software versions prior to 1.8, Cisco XE Software versions prior to 1.6, Cisco XE Software versions prior to 1.4, and Cisco XE Software versions prior to 1.2 contain a vulnerability that could allow an unauthenticated attacker to cause a denial-of-service (DoS) condition. An attacker could exploit this vulnerability by sending large packets of data to the device. Cisco XE Switch Software versions 2.2.2, Cisco XE Software versions 2.2.1, Cisco XE Software versions 1.8, Cisco XE Software versions 1.6, Cisco XE Software versions 1.4, and Cisco XE Software versions 1.2 contain a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code on an affected device as the root user. An attacker could exploit this vulnerability by sending crafted HTTP requests to the device. Cisco XE Switch Software versions prior to 2.2.2, Cisco XE Software versions prior to 2.2.1, Cisco XE Software versions prior to 1.8, Cisco XE Software versions prior to 1.6, Cisco XE Software versions prior to 1.4, and Cisco XE Software versions prior to 1.2 contain a vulnerability that could allow an authenticated, remote attacker to cause a denial-of-service (

Affected Software

* Cisco XE Switch Software versions 2.2.2, Cisco XE Software versions 2.2.1, Cisco XE Software versions 1.8, Cisco XE Software versions 1.6, Cisco XE Software versions 1.4, and Cisco XE Software version 1.2
* Cisco XE Switch Software version prior to 2.2.2
* Cisco XE Device Manager Software version prior to 2.0
* Cisco XE System Manager (including the software for managing TCP/IP services)

Solution

Cisco released software updates that address the vulnerabilities in all affected products, however a workaround is available.

Vulnerable Software and Checkpoints

A vulnerability in Cisco XE Software versions prior to 1.2, Cisco XE Software versions prior to 1.8, and Cisco XE Software versions prior to 2.2.2 could allow an authenticated, remote attacker to cause a denial-of-service condition on an affected device. The vulnerability is due to insufficient validation of malformed IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv6 packets that the device parses as malformed or invalid and triggers a DoS condition on the device. The vulnerability is only exploitable over a LAN connection from within the same VLAN and from within the same subnet range as the target device.

Cisco XE Switch Software version 2.2.2 and later, Cisco XE Software version 2.2.1 and later, Cisco XE Software version 1.8 and later, Cisco XE Software version 1.6 and later, Cisco XE Software version 1.4 and later, and Cisco XE Software version 1.2 are not vulnerable because they contain a fix for this vulnerability.

Timeline

Published on: 04/06/2022 19:15:00 UTC
Last modified on: 04/14/2022 15:38:00 UTC

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-filewrite-87Q5YRk
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20755