A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote attacker to perform a command injection and elevate privileges to root.
This vulnerability is due to insufficient validation of user-supplied input for the web interface. An attacker could exploit this vulnerability by authenticating to the system and sending a crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least read-only credentials.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.Attention: Simplifying the Cisco portfolio includes the renaming of security products under one brand: Cisco Secure. For more information, see .
References
Configurations
Configuration 1 (hide)
| AND |
|
History
11 Aug 2025, 17:44
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Cisco
Cisco secure Web Appliance Virtual S300v Cisco secure Web Appliance Virtual S600v Cisco secure Web Appliance S396 Cisco asyncos Cisco secure Web Appliance S196 Cisco secure Web Appliance Virtual S100v Cisco secure Web Appliance S696 Cisco secure Web Appliance Virtual S1000v |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CPE | cpe:2.3:o:cisco:asyncos:14.5.0-498:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_web_appliance_virtual_s100v:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_web_appliance_virtual_s1000v:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.2-012:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_web_appliance_s396:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.1-011:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_web_appliance_virtual_s300v:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.1.0-047:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.4-011:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.2-007:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.3-002:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_web_appliance_virtual_s600v:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.1.0-041:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_web_appliance_s196:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.1.0-032:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.4-005:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.2-011:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_web_appliance_s696:-:*:*:*:*:*:*:* |
|
| References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU - Not Applicable | |
| References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-8PdRU8t8 - Vendor Advisory | |
| References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv - Not Applicable |
15 Nov 2024, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-15 16:15
Updated : 2025-08-11 17:44
NVD link : CVE-2022-20871
Mitre link : CVE-2022-20871
JSON object : View
Products Affected
cisco
- secure_web_appliance_s696
- asyncos
- secure_web_appliance_s196
- secure_web_appliance_virtual_s1000v
- secure_web_appliance_s396
- secure_web_appliance_virtual_s300v
- secure_web_appliance_virtual_s100v
- secure_web_appliance_virtual_s600v
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')