CVE-2022-20773

HIGH
Published Apr 21, 20224y ago · Modified Jun 22, 20261w ago
7.5 CVSS 3.1
High
Find Similar
Published Apr 21, 2022 4y ago
Last Modified Jun 22, 2026 1w ago

Description

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.

CVSS Details

Base Score
7.5
Exploitability
1.6
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-321
CWE-798 Use of Hard-coded Credentials Authentication

Affected Products 1

VendorProductVersionRange
ciscoumbrella_virtual_appliance* <3.3.2

References 1

  • tools.cisco.com https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uva-static-key-6RQTRs4c
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.