Cisco Smart Software Manager On-Prem Vulnerability
CVE-2022-20939
4.3MEDIUM
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 15 November 2024
What is CVE-2022-20939?
A vulnerability exists in the web-based management interface of Cisco Smart Software Manager On-Prem that may enable an authenticated, remote attacker to elevate their privileges on an affected system. This issue arises from insufficient safeguards surrounding sensitive user data. By exploiting this vulnerability, an attacker can gain access to specific logs on the system and utilize the gathered information to escalate privileges to the System Admin level. Cisco has issued software updates to address this vulnerability, and no workarounds are available.
Affected Version(s)
Cisco Smart Software Manager On-Prem 7-202001
Cisco Smart Software Manager On-Prem 1.1
Cisco Smart Software Manager On-Prem 6.3.0