CVE-2022-20871 — Vulnetix

CVE-2022-20871 PUBLISHED CVSS 6.300000190734863 MEDIUM

Une vulnérabilité a été découverte dans Cisco AsyncOS for Secure Web Appliance. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et une élévation de privilèges.

EPSS 0.20% · 42.5th percentile

Risk Scores

CVSS 3.1

6.300000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score

0.20%

42.5th percentile

Affected Products

Vendor	Product	Versions
cisco	asyncos	14.1.0-047, 12.5.1-011, 12.5.2-007
Cisco	Cisco Secure Web Appliance	12.5.2-007, 12.5.3-002, 14.1.0-032
Cisco	Secure Web Appliance

Exploit Intelligence

cisco-sa-wsa-prv-esc-8PdRU8t8 (circl)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU (circl)
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv (circl)

Timeline

Aug 18, 2022 CVE Published
Nov 16, 2024 EPSS Score
Dec 5, 2024 EPSS Score
Dec 22, 2024 EPSS Score
Jan 9, 2025 EPSS Score
Jan 26, 2025 EPSS Score
Feb 13, 2025 EPSS Score
Mar 3, 2025 EPSS Score
Mar 20, 2025 EPSS Score
Apr 7, 2025 EPSS Score
Apr 24, 2025 EPSS Score
May 12, 2025 EPSS Score

References

cisco-sa-wsa-prv-esc-8PdRU8t8 url
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU url
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv url
https://nvd.nist.gov/vuln/detail/CVE-2022-20871 advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-8PdRU8t8 advisory

Open in Interactive Console →