CVE-2022-20773 — Vulnetix

CVE-2022-20773 PUBLISHED CVSS 7.5 HIGH

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.

EPSS 0.88% · 75.8th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.88%

75.8th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco Umbrella Insights Virtual Appliance	n/a
cisco	umbrella	0

Exploit Intelligence

20220420 Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability (circl)
nids_rules.yar (github-yara)
nids_rules.yar (github-yara)
nids_rules.yar (github-yara)
nids_rules.yar (github-yara)
Spring4Shell.yara (github-yara)
Spring4Shell.yara (github-yara)
Spring4Shell.yara (github-yara)
Spring4Shell.yara (github-yara)
spring_core_rce.yara (github-yara)

…and 15 more exploits

Timeline

Apr 7, 2022 PoC Published
Apr 21, 2022 CVE Published
Apr 22, 2022 EPSS Score
Jun 11, 2022 EPSS Score
Aug 1, 2022 EPSS Score
Sep 20, 2022 EPSS Score
Nov 9, 2022 EPSS Score
Feb 17, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 8, 2023 EPSS Score
May 27, 2023 EPSS Score
Jul 16, 2023 EPSS Score

References

Open in Interactive Console →