CVE-2022-20939

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 15, 2024

CWE ID 922

Summary

CVE-2022-20939 is a vulnerability affecting the web-based management interface of Cisco Smart Software Manager On-Prem. This issue allows authenticated, remote attackers to elevate privileges on vulnerable systems. The vulnerability stems from insufficient protection of sensitive user information. An attacker can exploit this flaw by accessing specific logs on an affected system, which could then be used to elevate privileges up to System Admin level. Cisco has released software patches to mitigate this vulnerability, and no workarounds are currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/lJjnH6
https://www.cve.org/CVERecord?id=CVE-2022-20939
https://nvd.nist.gov/vuln/detail/CVE-2022-20939

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners

CVE-2022-20939

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations