CVE-2022-20655 | Cisco IOS XR Software CLI os command injection (cisco-sa-cli-cmdinj-4MttWZPB)
A vulnerability, which was classified as critical, was found in Cisco IOS XR Software, Virtual Topology System (VTS), Network Services Orchestrator, Enterprise NFV Infrastructure Software, Catalyst SD-WAN, Catalyst SD-WAN Manager, IOS XE Catalyst SD-WAN, SD-WAN vEdge Router, Ultra Gateway Platform and Carrier Packet Transport. Affected is an unknown function of the component CLI. The manipulation leads to os command injection.
This vulnerability is traded as CVE-2022-20655. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.