CVE-2022-20630

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs through the CLI. A successful exploit could allow the attacker to retrieve sensitive information that includes user credentials.

CVSS v3 4.4 MEDIUM
CVSS v2.0 2.1 LOW

4.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:dna_center::::::::
	cpe:2.3:a:cisco:dna_center::::::::

History

17 Feb 2022, 20:19

Type	Values Removed	Values Added
CWE		CWE-532
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 2.1 v3 : 4.4
CPE		cpe:2.3:a:cisco:dna_center::::::::
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj - Vendor Advisory

10 Feb 2022, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-02-10 18:15

Updated : 2024-02-04 22:29

NVD link : CVE-2022-20630

Mitre link : CVE-2022-20630

CVE.ORG link : CVE-2022-20630

JSON object : View

Products Affected

cisco

dna_center

CWE

CWE-532

Insertion of Sensitive Information into Log File

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2022-20630", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2022-02-10T18:15:08.860", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-8QEynKEj", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs through the CLI. A successful exploit could allow the attacker to retrieve sensitive information that includes user credentials."}, {"lang": "es", "value": "Una vulnerabilidad en el registro de auditor\u00eda de Cisco DNA Center podr\u00eda permitir a un atacante local autenticado visualizar informaci\u00f3n confidencial en texto sin cifrar. Esta vulnerabilidad es debido a una falta de seguridad en el registro de informaci\u00f3n confidencial en el sistema afectado. Un atacante con privilegios administrativos podr\u00eda explotar esta vulnerabilidad al acceder a los registros de auditor\u00eda mediante la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante recuperar informaci\u00f3n confidencial que incluye credenciales de usuario"}], "lastModified": "2023-11-07T03:42:29.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66415B51-F19E-4383-AEF8-6A7502EB0F68", "versionEndExcluding": "2.2.2.8", "versionStartIncluding": "2.1.2.0"}, {"criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01FD99C4-BCB1-417E-ADCE-73314AD2E857", "versionEndExcluding": "2.2.3.4", "versionStartIncluding": "2.2.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}