CVE-2022-20773
HIGH
Published Apr 21, 20224y ago · Modified Jun 22, 20261w ago
7.5 CVSS 3.1
Published Apr 21, 2022 4y ago
Last Modified Jun 22, 2026 1w ago
Description
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 2
CWE-321
CWE-798 Use of Hard-coded Credentials Authentication
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| cisco | umbrella_virtual_appliance | * | <3.3.2 |
References 1
- tools.cisco.com https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uva-static-key-6RQTRs4c
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.