What is CVE-2022-20739?

CVE-2022-20739 is a high-severity vulnerability in Cisco Sd-wan Vmanage, classified under Improper Privilege Management. CVSS score: 7.3/10. Published 2022-04-15.

How severe is CVE-2022-20739?

High severity. CVSS v3 base score is 7.3 out of 10.

Privilege escalation in Cisco Sd-wan Vmanage

CVE-2022-20739

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected…

Vulnerability class: Privilege Escalation

EPSS: 0.001 (30.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Cisco Sd-wan Vmanage — versions n/a

Weakness classification (CWE)

CWE-269 — Improper Privilege Management

References

20220413 Cisco SD-WAN vManage Software Privilege Escalation Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2022-20739?: CVE-2022-20739 is a high-severity vulnerability in Cisco Sd-wan Vmanage, classified under Improper Privilege Management. CVSS score: 7.3/10. Published 2022-04-15.
How severe is CVE-2022-20739?: High severity. CVSS v3 base score is 7.3 out of 10.