March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-28820 – Adobe ACS AEM Commons Vulnerability
April 25, 2022Rewterz Threat Update – T-Mobile Confirms LAPSUS$ Hack
April 25, 2022Rewterz Threat Advisory – CVE-2022-28820 – Adobe ACS AEM Commons Vulnerability
April 25, 2022Rewterz Threat Update – T-Mobile Confirms LAPSUS$ Hack
April 25, 2022
Severity
High
Analysis Summary
CVE-2022-20773
Umbrella Virtual Appliance for VMWare ESXi and Hyper-V could allow a remote attacker to bypass security restrictions, caused by the use of a static SSH host key. By performing a man-in-the-middle attack on an SSH connection, an attacker could exploit this vulnerability to obtain the administrator credentials, change configurations, or reload the VA.
Impact
Security Bypass
Indicators Of Compromise
CVE
CVE-2022-20773
Affected Vendors
Cisco
Affected Products
- Cisco Umbrella Virtual Appliance for VMWare ESXi 3.3
- Cisco Umbrella Virtual Appliance for Hyper-V 3.3
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.