The network appliance manufacturer Cisco published an advisory on 4th May detailing three new vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS). The vulnerabilities, tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780, are one critical and two high-severity flaws with CVSS scores of 9.9, 8.8, and 7.4 out of 10. “These flaws allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM”. Since these flaws allow an attacker to gain unauthorized root-level access on the NFVIS host, the issue is considered critical and should be fixed as soon as possible. Let’s see how to fix CVE-2022-20777, a critical guest escape vulnerability in Cisco NFVIS.
Cisco NFVIS is a network virtualization solution that helps enterprises manage their networks more efficiently and effectively. Designed to seamlessly integrate with Cisco’s other networking solutions, Cisco NFVIS allows businesses to quickly provision and streamline new applications and services for their users.
With Cisco NFVIS, companies can easily create network slices that are customized to each individual user or group of users. This gives businesses greater control over the resources they allocate to different departments or lines of business, allowing them to achieve greater operational efficiency and agility. Additionally, Cisco NFVIS provides comprehensive integration with Cisco UCS Director for simplified management of compute resources as well as Cisco CloudCenter for seamless deployment of cloud-based workloads.
If you’re looking for a powerful network virtualization solution that can help your business overcome the challenges of today’s complex networks, Cisco NFVIS is the right choice. Contact Cisco today to learn more about Cisco NFVIS and how it can benefit your organization.
CVE-2022-20777: A Guest Escape Vulnerability in Cisco Enterprise NFVIS
CVE-2022-20779: A Command Injection Vulnerability in Cisco Enterprise NFVIS
CVE-2022-20780: An XML External Entity Injection Vulnerability in Cisco Enterprise NFVIS
This is a guest escape vulnerability in the Next Generation Input/Output (NGIO) feature of Cisco NFVIS. The flaw is due to insufficient guest restrictions in Cisco NFVIS. It allows an authenticated, remote attacker to escape from the guest VM and gain unauthorized root-level access on the NFVIS host by sending an API call from a VM.
Associated CVE ID | CVE-2022-20777 |
Description | A Guest Escape Vulnerability in Cisco Enterprise NFVIS |
Associated ZDI ID | – |
CVSS Score | 9.9 Critical |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Impact Score | – |
Exploitability Score | – |
Attack Vector (AV) | Network |
Attack Complexity (AC) | Low |
Privilege Required (PR) | Low |
User Interaction (UI) | None |
Scope | Changed |
Confidentiality (C) | High |
Integrity (I) | High |
Availability (A) | High |
This is a command injection vulnerability in Cisco Enterprise NFVIS, caused by improper input validation in the image registration process. It allows an unauthenticated, remote attacker to inject commands that execute at the root level on the NFVIS host. To exploit it, the attacker must persuade an administrator on the host machine to install a VM image with crafted metadata; the injected commands then run with root-level privileges during the VM registration process.
Associated CVE ID | CVE-2022-20779 |
Description | A Command Injection Vulnerability in Cisco Enterprise NFVIS |
Associated ZDI ID | – |
CVSS Score | 8.8 High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Impact Score | – |
Exploitability Score | – |
Attack Vector (AV) | Network |
Attack Complexity (AC) | Low |
Privilege Required (PR) | Low |
User Interaction (UI) | None |
Scope | Changed |
Confidentiality (C) | High |
Integrity (I) | High |
Availability (A) | High |
This is an XML External Entity (XXE) injection vulnerability in Cisco Enterprise NFVIS. The flaw is due to the resolution of external entities by the XML parser in the import function of Cisco Enterprise NFVIS. It allows an unauthenticated, remote attacker to leak system data from the host to the VM. By persuading an administrator to import a crafted file that reads data from the host and writes it to the VM, the attacker can access system information, such as files containing user data, from the host on the VM.
Associated CVE ID | CVE-2022-20780 |
Description | An XML External Entity Injection Vulnerability in Cisco Enterprise NFVIS |
Associated ZDI ID | – |
CVSS Score | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Impact Score | – |
Exploitability Score | – |
Attack Vector (AV) | Network |
Attack Complexity (AC) | Low |
Privilege Required (PR) | Low |
User Interaction (UI) | None |
Scope | Changed |
Confidentiality (C) | High |
Integrity (I) | High |
Availability (A) | High |
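The root cause named above, an import parser that resolves external entities, is avoided by refusing any file that carries a DTD before it is parsed. The following is an added example, not Cisco's code or part of the original post; the `<import>` document layout and all function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class UnsafeImportError(ValueError):
    """Raised when an import file carries a DTD or entity declarations."""


def parse_import_file(data: bytes) -> ET.Element:
    """Refuse any document with a DOCTYPE or entities, then parse it."""
    def forbid(kind):
        def handler(*_args):
            raise UnsafeImportError(f"{kind} not allowed in import files")
        return handler

    gate = expat.ParserCreate()
    gate.StartDoctypeDeclHandler = forbid("DOCTYPE declaration")
    gate.EntityDeclHandler = forbid("entity declaration")
    gate.ExternalEntityRefHandler = forbid("external entity reference")
    gate.Parse(data, True)       # raises before any entity is resolved
    return ET.fromstring(data)   # only reached for DTD-free input


# Constructed samples (hypothetical import format, not Cisco's schema).
BENIGN = b"<import><vm><name>router1</name></vm></import>"
CRAFTED = (b"<?xml version='1.0'?>"
           b"<!DOCTYPE import [<!ENTITY leak SYSTEM 'file:///PLACEHOLDER'>]>"
           b"<import><vm><name>&leak;</name></vm></import>")


def is_accepted(data: bytes) -> bool:
    """True when the file passes the gate and parses cleanly."""
    try:
        parse_import_file(data)
        return True
    except (UnsafeImportError, expat.ExpatError, ET.ParseError):
        return False


if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("crafted", CRAFTED)):
        print(label, "accepted" if is_accepted(sample) else "rejected")
```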
Cisco says in its advisory that Cisco NFVIS versions earlier than v4.0 are vulnerable to these flaws. Note that the default configuration of Cisco NFVIS is prone to these vulnerabilities. We recommend fixing these vulnerabilities at the earliest, especially the critical-severity flaw, CVE-2022-20777, the guest escape vulnerability in Cisco Enterprise NFVIS.
There are no interdependencies among the flaws. Exploitation of one vulnerability does not require the exploitation of another vulnerability. Furthermore, a software release that is affected by one of the vulnerabilities may not be affected by the others.
Cisco has released free software updates; the fixed version is v4.7.1. We recommend upgrading to v4.7.1 or any later version.
Please refer to this PDF to see how to upgrade Cisco NFVIS to the latest version.
We hope this post helps you fix CVE-2022-20777, a critical guest escape vulnerability in Cisco NFVIS.
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.