CVE-2022-20810

2022-09-3019:15:11

CWE-202

[email protected]

web.nvd.nist.gov

cisco

snmp

vulnerability

catalyst 9000 family

access

information security

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

41.5%

JSON

A vulnerability in the Simple Network Management Protocol (SNMP) of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to insufficient restrictions that allow a sensitive configuration detail to be disclosed. An attacker could exploit this vulnerability by retrieving data through SNMP read-only community access. A successful exploit could allow the attacker to view Service Set Identifier (SSID) preshared keys (PSKs) that are configured on the affected device.

Affected configurations

Nvd

Node

ciscocatalyst_9800Match-

ciscocatalyst_9800-40Match-

ciscocatalyst_9800-40_wireless_controllerMatch-

ciscocatalyst_9800-80Match-

ciscocatalyst_9800-80_wireless_controllerMatch-

ciscocatalyst_9800-clMatch-

ciscocatalyst_9800-lMatch-

ciscocatalyst_9800-l-cMatch-

ciscocatalyst_9800-l-fMatch-

ciscocatalyst_9800_embedded_wireless_controllerMatch-

AND

ciscoios_xeMatch-

VendorProductVersionCPE
ciscocatalyst_9800-cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*
ciscocatalyst_9800-40-cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*
ciscocatalyst_9800-40_wireless_controller-cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*
ciscocatalyst_9800-80-cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*
ciscocatalyst_9800-80_wireless_controller-cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*
ciscocatalyst_9800-cl-cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-c-cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*
ciscocatalyst_9800-l-f-cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*
ciscocatalyst_9800_embedded_wireless_controller-cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	catalyst_9800	-	cpe:2.3:h:cisco:catalyst_9800:-:::::::*
cisco	catalyst_9800-40	-	cpe:2.3:h:cisco:catalyst_9800-40:-:::::::*
cisco	catalyst_9800-40_wireless_controller	-	cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:::::::*
cisco	catalyst_9800-80	-	cpe:2.3:h:cisco:catalyst_9800-80:-:::::::*
cisco	catalyst_9800-80_wireless_controller	-	cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:::::::*
cisco	catalyst_9800-cl	-	cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::*
cisco	catalyst_9800-l	-	cpe:2.3:h:cisco:catalyst_9800-l:-:::::::*
cisco	catalyst_9800-l-c	-	cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::*
cisco	catalyst_9800-l-f	-	cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::*
cisco	catalyst_9800_embedded_wireless_controller	-	cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:::::::*