CVE-2022-20725
Summary
| CVE | CVE-2022-20725 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-15 15:15:00 UTC |
| Updated | 2023-11-07 03:42:00 UTC |
| Description | Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | 800m Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 807 Industrial Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 812 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 812 Cifi Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 819 Hardened Dual Radio 802.11n Wifi Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 819 Hardened Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 829 Industrial Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 860vae-w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 861w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 861 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 866vae Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 867vae Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 867 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 880-voice Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 880 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 881-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 881w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 881 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 881 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 886va-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 886va-w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 886vag 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 886va Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 886 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887va-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887va-w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887vag 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887vam-w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887vamg 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887va Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887v Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 887 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888e-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888eg 3g Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888e Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 888 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 891-24x Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 891w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 891 Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 892f-cube Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 892w Integrated Services Router | - | All | All | All |
| Hardware | Cisco | 892 Integrated Services Router | - | All | All | All |
| Application | Cisco | Cgr1000 Compute Module | All | All | All | All |
| Hardware | Cisco | Cgr 1000 | - | All | All | All |
| Hardware | Cisco | Cgr 1120 | - | All | All | All |
| Hardware | Cisco | Cgr 1240 | - | All | All | All |
| Hardware | Cisco | Ic3000 Industrial Compute Gateway | - | All | All | All |
| Application | Cisco | Ic3000 Industrial Compute Gateway | All | All | All | All |
| Hardware | Cisco | Ie-4000-16gt4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-16t4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-4gc4gp4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-4gs8gp4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-4s8p4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-4t4p4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-4tc4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-8gs4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-8gt4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-8gt8gp4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-8s4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4000-8t4g-e Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4010-16s12p Industrial Ethernet Switch | - | All | All | All |
| Hardware | Cisco | Ie-4010-4s24p Industrial Ethernet Switch | - | All | All | All |
| Operating System | Cisco | Ios | 15.2\(5\)e1 | All | All | All |
| Operating System | Cisco | Ios | 15.2\(5\)e2c | All | All | All |
| Operating System | Cisco | Ios | 15.2\(6\)e0a | All | All | All |
| Operating System | Cisco | Ios | 15.2\(6\)e1 | All | All | All |
| Operating System | Cisco | Ios | 15.2\(6\)e2a | All | All | All |
| Operating System | Cisco | Ios | 15.2\(7\)e | All | All | All |
| Operating System | Cisco | Ios | 15.2\(7\)e0b | All | All | All |
| Operating System | Cisco | Ios | 15.2\(7\)e0s | All | All | All |
| Operating System | Cisco | Ios | 15.6\(1\)t1 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(1\)t2 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(1\)t3 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(2\)t | All | All | All |
| Operating System | Cisco | Ios | 15.6\(2\)t0a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(2\)t1 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(2\)t2 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(2\)t3 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m0a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m1 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m1a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m1b | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m2a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m3 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m3a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m4 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m5 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m6 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m6a | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m6b | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m7 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m8 | All | All | All |
| Operating System | Cisco | Ios | 15.6\(3\)m9 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m0a | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m1 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m3 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m4 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m4a | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m4b | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m5 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m6 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m7 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m8 | All | All | All |
| Operating System | Cisco | Ios | 15.7\(3\)m9 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m0a | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m0b | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m1 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m1a | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m2a | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m3 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m3a | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m3b | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m4 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m5 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m6 | All | All | All |
| Operating System | Cisco | Ios | 15.8\(3\)m7 | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m0a | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m1 | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m2a | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m3 | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m3a | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m3b | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m4 | All | All | All |
| Operating System | Cisco | Ios | 15.9\(3\)m4a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1d | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1e | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1f | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1g | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.10.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.11.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1t | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1w | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1x | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.1y | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.2a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.2t | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.3a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.3s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.4a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.5 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.12.5a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.10 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.11 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.5 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.5b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.6 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.7 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.8 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.3.9 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.4.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.4.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.4.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.5.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.10 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.4a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.4s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.5 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.5a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.5b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.6 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.7 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.7a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.8 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.6.9 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.7.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1d | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1e | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.8.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1d | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.2a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.2s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.3a | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.3h | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.3s | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.4c | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.5 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.5f | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.6 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.7 | All | All | All |
| Operating System | Cisco | Ios Xe | 16.9.8 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.1s | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.1t | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.1.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.1r | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.1v | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.2.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.1w | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.1x | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.1z | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.2a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.3 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.3a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.4 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.4a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.4b | All | All | All |
| Operating System | Cisco | Ios Xe | 17.3.4c | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.1b | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.1c | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.2 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.4.2a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.5.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.5.1a | All | All | All |
| Operating System | Cisco | Ios Xe | 17.6.1 | All | All | All |
| Operating System | Cisco | Ios Xe | 17.6.1a | All | All | All |
| Application | Cisco | Ir510 Operating System | All | All | All | All |
| Hardware | Cisco | Ir510 Wpan | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 20220413 Cisco IOx Application Hosting Environment Vulnerabilities | CISCO | tools.cisco.com | |
| Cisco IOx - Application Environment Cross-site Scripting Vulnerability (CVE-2022-20725) · Advisory · orangecertcc/security-research · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 317164 Cisco IOx Application Hosting Environment Multiple Vulnerabilities (cisco-sa-iox-yuXQ6hFj)