An attacker could attempt to access the vulnerable system via Telnet or SSH. Once on the local system, the attacker could view the system details like host name, IP address, and hostname. The attacker could also view the SD-AVC logs, SD-AVC DNS server IP addresses, and SD-AVC managed device names. A successful exploit of this vulnerability could allow an attacker to view the system details and managed device names without any authentication. An attacker could also view the SD-AVC logs, SD-AVC managed device names, SD-AVC DNS server IP addresses, and SD-AVC managed device details. Cisco recommends that customers review the SD-AVC configuration to ensure that the configuration is correct and that the configuration is not exposing the SD-AVC web server to the Internet. Cisco SD-AVC customers are advised to apply the fixes outlined in the security advisory if they have not already done so.

Vulnerable Products

The following products are vulnerable to CVE-2022:

Cisco SD-AVC 3.2.0 and prior version

Discovered By

Cisco Security Research

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/13/2022 16:53:00 UTC

References