Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability
Summary
| CVE | CVE-2022-20773 |
|---|---|
| State | PUBLISHED |
| Assigner | cisco |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-04-21 19:15:08 UTC |
| Updated | 2026-06-22 13:52:07 UTC |
| Description | A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA. |
Risk And Classification
Primary CVSS: v3.1 7.5 HIGH from [email protected]
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 0.010940000 probability, percentile 0.612440000 (date 2026-06-24)
Problem Types: CWE-321 | CWE-798 | CWE-321 CWE-321
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | [email protected] | Secondary | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | CNA | DECLARED | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 6.8 | AV:N/AC:M/Au:N/C:P/I:P/A:P |
CVSS v3.1 Breakdown
Attack Vector
NetworkAttack Complexity
HighPrivileges Required
NoneUser Interaction
RequiredScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Umbrella Virtual Appliance | All | All | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Cisco | Cisco Umbrella Insights Virtual Appliance | affected n/a | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uva-st... | af854a3a-2127-422b-91ae-364da2661108 | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Additional Advisory Data
Exploits
CNA: The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
There are currently no legacy QID mappings associated with this CVE.