Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2022-45047 – Apache MINA SSHD Vulnerability
November 17, 2022
Rewterz
Rewterz Threat Advisory – Multiple Mozilla Firefox and Firefox ESR Vulnerabilities
November 17, 2022

Rewterz Threat Advisory – Multiple Cisco Identity Services Engine Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-20967 CVSS:4.8
Cisco Identity Services Engine is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by an application feature before storage within the External RADIUS Server feature of the web-based management interface. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-20966 CVSS:5.4
Cisco Identity Services Engine is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface tcpdump feature. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2022-20964 CVSS:6.3
Cisco Identity Services Engine could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user input within requests as part of the web-based management interface tcpdump feature. By manipulating requests to the web-based management interface to contain operating system commands, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the system with root privileges.

CVE-2022-20965 CVSS:4.3
Cisco Identity Services Engine could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the web-based management interface. By sending a direct request, an attacker could exploit this vulnerability to take privileged actions within the web-based management interface that should be otherwise restricted.

Impact

  • Cross-Site Scripting
  • Command Execution
  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2022-20967
  • CVE-2022-20966
  • CVE-2022-20964
  • CVE-2022-20965

Affected Vendors

Cisco

Affected Products

  • Cisco Identity Services Engine

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory