CVE-2022-20732
Published: 21 April 2022
Summary
CVE-2022-20732 is a high-severity Improper Access Control (CWE-284) vulnerability in Cisco Virtualized Infrastructure Manager. Its CVSS base score is 7.8 (High).
Operationally, ranked at the 30.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-25982
Vulnerability details
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager (VIM) could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain…
more
configuration files. An attacker with low-privileged credentials could exploit this vulnerability by accessing an affected device and reading the affected configuration files. A successful exploit could allow the attacker to obtain internal database credentials, which the attacker could use to view and modify the contents of the database. The attacker could use this access to the database to elevate privileges on the affected device.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization.
Guides setting of default permissions to the minimum required level.
Defines roles, responsibilities, and access rules for configuration management activities, making improper access to configuration resources harder to exploit.
Baseline includes documented access control settings that are reviewed and maintained, reducing the ability to exploit improper access control.
Requiring the most restrictive settings instead of defaults prevents incorrect default permissions on resources.
Explicitly requires protecting the configuration management plan from unauthorized disclosure and modification.
The policy defines and enforces restrictions on physical access to resources, directly reducing improper access control.
Tailoring explicitly overrides or scopes default permission assignments in the baseline to match the system's actual risk and operational needs.