CVE-2022-20677: Cisco IOx Application Hosting Environment Vulnerabilities
First published: Fri Apr 15 2022(Updated: )
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =17.6.1 | |
| Cisco 1100-4g/6g Integrated Services Router | ||
| Cisco 1100 Integrated Services Router | ||
| Cisco 1101 Integrated Services Router | ||
| Cisco 1109 Integrated Services Router | ||
| Cisco 111x Integrated Services Router | ||
| Cisco 111x Integrated Services Router | ||
| Cisco 1120 Integrated Services Router | ||
| Cisco 1131 Integrated Services Router | ||
| Cisco 1160 Integrated Services Router | ||
| Cisco 4221 Integrated Services Router | ||
| Cisco 8101-32h | ||
| Cisco 8101-32h | ||
| Cisco 8102-64h | ||
| Cisco 8201 | ||
| Cisco 8201 | ||
| Cisco 8202 | ||
| Cisco 8800 | ||
| Cisco ASR 1001-X | ||
| Cisco ASR 1002 Fixed Router | ||
| Cisco ASR 1006-X | ||
| Cisco ASR 1009-X | ||
| Cisco ASR 900 Series firmware | ||
| Cisco ASR 9000v | ||
| Cisco ASR 9001 | ||
| Cisco ASR 9006 Router | ||
| Cisco ASR 9010 Router | ||
| Cisco ASR 9901-RP Firmware | ||
| Cisco ASR 9902 | ||
| Cisco ASR 9903 | ||
| Cisco ASR 9904 | ||
| Cisco ASR 9906 | ||
| Cisco ASR 9910 | ||
| Cisco ASR 9912 | ||
| Cisco ASR 9922 | ||
| Cisco Catalyst 3650 | ||
| Cisco Catalyst 3850 | ||
| Cisco Catalyst 8200 | ||
| Cisco Catalyst 8300 | ||
| Cisco Catalyst 8500L Series Router | ||
| Cisco Catalyst 8500 | ||
| Cisco Catalyst 9200CX | ||
| Cisco Catalyst 9300 Firmware | ||
| Cisco Catalyst 9400 | ||
| Cisco Catalyst 9500 Series | ||
| Cisco Catalyst 9500H | ||
| Cisco Catalyst 9600 | ||
| Cisco Catalyst 9800 Firmware | ||
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Catalyst 9800-CL | ||
| Cisco Catalyst 9800-L | ||
| Cisco CG418-E | ||
| Cisco Catalyst CG522-E | ||
| Cisco ESS9300-10X-E | ||
| Cisco Catalyst IE3200 | ||
| Cisco Catalyst IE3300 | ||
| Cisco Catalyst IE3400 | ||
| Cisco Catalyst IE9300 | ||
| Cisco Cloud Services Router 1000V | ||
| Cisco ESR3300 | ||
| Cisco ESR6300 Embedded Series Routers |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-20677.
What is the severity of CVE-2022-20677?
The severity of CVE-2022-20677 is high with a score of 6.7.
Which platforms are affected by CVE-2022-20677?
Multiple Cisco platforms are affected by CVE-2022-20677.
What can an attacker do with CVE-2022-20677?
An attacker can inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, and install applications without being authenticated.
Where can I find more information about CVE-2022-20677?
You can find more information about CVE-2022-20677 on the Cisco Security Advisory page: [Link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj).
- agent/type
- agent/references
- agent/severity
- agent/title
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/17.6.1
- canonical/cisco 1100-4g/6g integrated services router
- canonical/cisco 1100 integrated services router
- canonical/cisco 1101 integrated services router
- canonical/cisco 1109 integrated services router
- canonical/cisco 111x integrated services router
- canonical/cisco 1120 integrated services router
- canonical/cisco 1131 integrated services router
- canonical/cisco 1160 integrated services router
- canonical/cisco 4221 integrated services router
- canonical/cisco 8101-32h
- canonical/cisco 8102-64h
- canonical/cisco 8201
- canonical/cisco 8202
- canonical/cisco 8800
- canonical/cisco asr 1001-x
- canonical/cisco asr 1002 fixed router
- canonical/cisco asr 1006-x
- canonical/cisco asr 1009-x
- canonical/cisco asr 900 series firmware
- canonical/cisco asr 9000v
- canonical/cisco asr 9001
- canonical/cisco asr 9006 router
- canonical/cisco asr 9010 router
- canonical/cisco asr 9901-rp firmware
- canonical/cisco asr 9902
- canonical/cisco asr 9903
- canonical/cisco asr 9904
- canonical/cisco asr 9906
- canonical/cisco asr 9910
- canonical/cisco asr 9912
- canonical/cisco asr 9922
- canonical/cisco catalyst 3650
- canonical/cisco catalyst 3850
- canonical/cisco catalyst 8200
- canonical/cisco catalyst 8300
- canonical/cisco catalyst 8500l series router
- canonical/cisco catalyst 8500
- canonical/cisco catalyst 9200cx
- canonical/cisco catalyst 9300 firmware
- canonical/cisco catalyst 9400
- canonical/cisco catalyst 9500 series
- canonical/cisco catalyst 9500h
- canonical/cisco catalyst 9600
- canonical/cisco catalyst 9800 firmware
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco catalyst 9800-cl
- canonical/cisco catalyst 9800-l
- canonical/cisco cg418-e
- canonical/cisco catalyst cg522-e
- canonical/cisco ess9300-10x-e
- canonical/cisco catalyst ie3200
- canonical/cisco catalyst ie3300
- canonical/cisco catalyst ie3400
- canonical/cisco catalyst ie9300
- canonical/cisco cloud services router 1000v
- canonical/cisco esr3300
- canonical/cisco esr6300 embedded series routers