{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T01:54:46.609","vulnerabilities":[{"cve":{"id":"CVE-2022-20716","sourceIdentifier":"psirt@cisco.com","published":"2022-04-15T15:15:13.063","lastModified":"2024-11-21T06:43:23.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on the vulnerable device. If successful, the attacker could gain escalated privileges and take actions on the system with the privileges of the root user."},{"lang":"es","value":"Una vulnerabilidad en la CLI del software Cisco SD-WAN podría permitir a un atacante local autenticado alcanzar altos privilegios. Esta vulnerabilidad es debido a un control de acceso inapropiado en los archivos del sistema afectado. Un atacante local podría explotar esta vulnerabilidad al modificar determinados archivos en el dispositivo vulnerable. Si es exitoso, el atacante podría alcanzar privilegios escalados y realizar acciones en el sistema con privilegios de usuario root"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:-:*:*:*:*:*:*:*","matchCriteriaId":"AE3D96F7-3574-443F-9AD4-5E62E0F5E4F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_solution:-:*:*:*:*:*:*:*","matchCriteriaId":"264691E8-B9EE-445B-AA73-339E2AD9D75A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:-:*:*:*:*:*:*:*","matchCriteriaId":"05AFD69C-BB2C-43E0-89CF-FDA00B8F4CB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_vedge_cloud:-:*:*:*:*:*:*:*","matchCriteriaId":"F79EFC51-42F0-4E00-9993-2CBD852BB7EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_vedge_router:-:*:*:*:*:*:*:*","matchCriteriaId":"E751F057-CC4E-49AF-BFFE-1C08A0AFEDBC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan_vsmart_controller_software:-:*:*:*:*:*:*:*","matchCriteriaId":"5C1E3D19-7A59-41DA-A216-814E6AB697B5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*","versionStartIncluding":"18.4","versionEndExcluding":"20.6.1","matchCriteriaId":"633B8D51-C333-4C34-BE6B-4A95BA0A0E20"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*","versionStartIncluding":"20.7","versionEndExcluding":"20.7.1","matchCriteriaId":"71DFA673-7836-4EC9-9B73-428598BC012D"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-file-access-VW36d28P","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}