CVE-2022-20780 — Vulnetix

CVE-2022-20780 PUBLISHED CVSS 9.899999618530273 CRITICAL

De multiples vulnérabilités ont été découvertes dans Cisco Enterprise NFVIS. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.

EPSS 0.39% · 60.2th percentile

Risk Scores

CVSS 3.1

9.899999618530273

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

0.39%

60.2th percentile

Affected Products

Vendor	Product	Versions
Cisco	N/A
cisco	enterprise_nfv_infrastructure_software	0
Cisco	Cisco Enterprise NFV Infrastructure Software	n/a

Exploit Intelligence

https://github.com/orangecertcc/security-research/security/advisories/GHSA-hrpq-384f-vrpg (nist-nvd)
20220504 Cisco Enterprise NFV Infrastructure Software Vulnerabilities (circl)

Timeline

May 4, 2022 CVE Published
May 5, 2022 EPSS Score
Jun 23, 2022 EPSS Score
Oct 1, 2022 EPSS Score
Nov 20, 2022 EPSS Score
Jan 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 17, 2023 EPSS Score
Jun 6, 2023 EPSS Score
Sep 13, 2023 EPSS Score
Nov 1, 2023 EPSS Score
Dec 21, 2023 EPSS Score

References

20220504 Cisco Enterprise NFV Infrastructure Software Vulnerabilities vendor-advisory
https://github.com/orangecertcc/security-research/security/advisories/GHSA-hrpq-384f-vrpg url
https://nvd.nist.gov/vuln/detail/CVE-2022-20780 advisory

Open in Interactive Console →