vulnerability

Cisco IOS: CVE-2022-20677: Cisco IOx Application Hosting Environment Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:M/C:P/I:C/A:N)	04/13/2022	05/27/2024	03/27/2025

Severity

CVSS

(AV:N/AC:L/Au:M/C:P/I:C/A:N)

Published

04/13/2022

Added

05/27/2024

Modified

03/27/2025

Description

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.

Solution

cisco-ios-upgrade-latest

References

CVE-2022-20677
https://attackerkb.com/topics/CVE-2022-20677
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj
CISCO-cisco-sa-iox-yuXQ6hFj

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today