CVE-2022-20773— Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-20773
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的密码学密钥
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Umbrella 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Umbrella是美国思科(Cisco)公司的一套云安全平台。该平台能够预防网络钓鱼、恶意软件和勒索软件等网络威胁。 Cisco Umbrella 虚拟设备(VA)存在安全漏洞,该漏洞源于存在静态 SSH 主机密钥。攻击者利用此漏洞可以通过对与 Umbrella VA 的 SSH 连接执行中间人攻击。成功利用此漏洞可让攻击者了解管理员凭据、更改配置或重新加载 VA。以下产品和版本受到影响:3.2 及之前版本和 3.3 版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Umbrella Insights Virtual Appliance | n/a | - |
II. Public POCs for CVE-2022-20773
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-20773
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uva-static-key-6RQTRs4cvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2022-20773
Same Patch Batch · Cisco · 2022-04-21 · 12 CVEs total
| CVE-2022-20732 | 7.8 HIGH | Cisco Virtualized Infrastructure Manager Privilege Escalation Vulnerability |
| CVE-2022-20783 | 7.5 HIGH | Cisco TelePresence Collaboration Endpoint and RoomOS Software H.323 Denial of Service Vuln |
| CVE-2022-20790 | 6.5 MEDIUM | Cisco Unified Communications Products Arbitrary File Read Vulnerability |
| CVE-2022-20778 | 6.1 MEDIUM | Cisco Webex Meetings Cross-Site Scripting Vulnerability |
| CVE-2022-20788 | 6.1 MEDIUM | Cisco Unified Communications Products Cross-Site Scripting Vulnerability |
| CVE-2022-20795 | 5.8 MEDIUM | Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect S |
| CVE-2022-20787 | 5.7 MEDIUM | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability |
| CVE-2022-20786 | 5.4 MEDIUM | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerability |
| CVE-2022-20804 | 5.3 MEDIUM | Cisco Unified Communications Products Denial of Service Vulnerability |
| CVE-2022-20789 | 4.9 MEDIUM | Cisco Unified Communications Products Arbitrary File Write Vulnerability |
| CVE-2022-20805 | 4.1 MEDIUM | Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco Umbrella Insights Virtual Appliance
- CVE-2022-20805
Cisco Umbrella Secure Web Gateway File Decryption Bypass Vul - CVE-2022-20738
Cisco Umbrella Secure Web Gateway File Inspection Bypass Vul - CVE-2021-40126
Cisco Umbrella Email Enumeration Vulnerability - CVE-2021-1475
Cisco Umbrella Link and CSV Formula Injection Vulnerabilitie - CVE-2021-1474
Cisco Umbrella Link and CSV Formula Injection Vulnerabilitie
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-321
- CVE-2026-8243
Industrial Application Software IAS Canias ERP JNLP Deployme - CVE-2026-6787
Usage of a hard-coded cryptographic key in WatchGuard Agent - CVE-2026-42518
Information Disclosure Vulnerability in e-Sushrut HMIS - CVE-2026-7306
Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard - CVE-2026-32644
Milesight Cameras Use of Hard-coded Cryptographic Key
V. Comments for CVE-2022-20773
No comments yet