Cisco, the network appliance manufacturer, published an advisory on 21 April detailing a privilege escalation vulnerability in Cisco VIM (Virtualized Infrastructure Manager). The vulnerability, tracked as CVE-2022-20732, is rated high severity with a CVSS score of 7.8 out of 10. The flaw allows an authenticated, local attacker to access confidential information and elevate privileges on an affected device. Because it exposes confidential information and enables privilege escalation, users of Cisco VIM should be aware of this flaw and address it as soon as possible. Let’s see how to fix CVE-2022-20732, a privilege escalation vulnerability in Cisco VIM (Virtualized Infrastructure Manager).
About Cisco Virtualized Infrastructure Manager:
Virtualized Infrastructure Manager (VIM) is Cisco’s enterprise-class solution for managing virtualized infrastructures. It enables customers to centrally manage and provision their Cisco Unified Computing System™ (Cisco UCS®), Cisco Nexus®, and Cisco MDS 9000 Series Switches, as well as other third-party devices in the data center. Cisco VIM provides a unified view of all devices in the data center, making it easy to provision and manage them from a single console.
Cisco VIM offers many benefits, including:
- Reduced complexity: Cisco VIM simplifies management of virtualized infrastructures by providing a unified view of all devices in the data center.
- Improved efficiency: Cisco VIM enables customers to provision and manage Cisco UCS, Cisco Nexus, and Cisco MDS 9000 Series Switches from a single console.
- Increased agility: Cisco VIM helps customers quickly respond to changes in their data center environment by enabling them to rapidly provision new services and applications.
- Enhanced security: Cisco VIM provides role-based access control, which helps ensure that only authorized users can access the system.
Cisco VIM is an ideal solution for managing virtualized infrastructures, providing customers with the benefits of reduced complexity, increased efficiency, improved agility, and enhanced security.
Summary Of CVE-2022-20732:
This is a privilege escalation vulnerability in Cisco VIM (Virtualized Infrastructure Manager). According to the advisory, the vulnerability is due to improper access permissions on certain configuration files. As a result, users with low-privileged credentials can read the affected configuration files.
This unauthorized access allows an authenticated, local attacker to obtain confidential information such as internal database credentials. An attacker could then use those database credentials to view and modify the contents of the database and elevate privileges on the affected device.
| Field | Value |
|---|---|
| Associated CVE ID | CVE-2022-20732 |
| Description | A Privilege Escalation Vulnerability in Cisco VIM |
| Associated ZDI ID | – |
| CVSS Score | 7.8 High |
| Attack Vector (AV) | Local |
| Attack Complexity (AC) | Low |
| Privilege Required (PR) | Low |
| User Interaction (UI) | None |
Products Affected By CVE-2022-20732:
This vulnerability affects all versions of Cisco VIM 3.6 and earlier. Please check the version of your Cisco VIM and fix the CVE-2022-20732 flaw as per your change schedule.
How To Fix CVE-2022-20732, A Privilege Escalation Vulnerability In Cisco VIM?
The issue is simple to mitigate: restrict the permissions of the ‘app.conf’ file to ‘600’ (owner read and write only), so that low-privileged local users can no longer read it. You can set the permissions with the chmod command as root:
# chmod 600 /opt/cisco/mercury_restapi/app.conf
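The following script is an added example, not Cisco's own tooling, showing how an administrator can audit the mode of the file named in the mitigation above, apply the chmod 600 fix only when the file is exposed, and verify the result. It assumes the path from the advisory (/opt/cisco/mercury_restapi/app.conf, overridable through CONF_PATH for testing) and a GNU or BSD stat; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not Cisco's tooling): audit the permission bits of the
# configuration file from the advisory's mitigation, tighten it to 600 if
# group or other users can read it, and confirm the fix took effect.
# CONF_PATH can be overridden to point at a test file.
CONF_PATH="${CONF_PATH:-/opt/cisco/mercury_restapi/app.conf}"

# Print the octal permission bits of a file (GNU stat, with a BSD/macOS fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Succeed (exit 0) only when no group or other permission bits are set,
# i.e. the file is at least as restrictive as mode 600.
conf_is_locked_down() {
    mode=$(file_mode "$1") || return 1
    # Interpret the digits as octal and mask off the group/other bits (077).
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Apply the advisory's mitigation and verify it, rather than trusting chmod blindly.
harden_conf() {
    chmod 600 "$1" || return 1
    conf_is_locked_down "$1"
}

# Human-readable audit. Exit status: 0 = already restricted,
# 1 = was exposed and has been fixed, 2 = file missing or could not be fixed.
audit_conf() {
    if [ ! -e "$1" ]; then
        echo "NOT FOUND: $1"
        return 2
    fi
    if conf_is_locked_down "$1"; then
        echo "OK: $1 mode $(file_mode "$1") (group/other bits clear)"
        return 0
    fi
    echo "EXPOSED: $1 mode $(file_mode "$1") -> applying chmod 600"
    if harden_conf "$1"; then
        echo "FIXED: $1 mode $(file_mode "$1")"
        return 1
    fi
    echo "FAILED: could not harden $1"
    return 2
}

# Run the audit; record its status without aborting if the shell runs with -e.
audit_status=0
audit_conf "$CONF_PATH" || audit_status=$?
echo "audit status: $audit_status"
```

Run it as root on the VIM host; a status of 1 means the file was world- or group-readable and has now been restricted, which is worth recording in your change log, and the check can be re-run from cron to catch the permissions being loosened again by a later upgrade or restore.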
To permanently fix the CVE-2022-20732 vulnerability, upgrade your Cisco VIM to v4.2.2.
| Cisco Virtualized Infrastructure Manager Software | First Fixed Release |
|---|---|
| 3.6 and earlier | Migrate to a fixed release. |
We hope this post will help you know how to fix CVE-2022-20732, a privilege escalation vulnerability in Cisco VIM (Virtualized Infrastructure Manager).