{"vulnerability": "CVE-2022-20695", "sightings": [{"uuid": "bc4afea4-7dcc-4e2d-a376-3ca337b93cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20695", "type": "seen", "source": "https://t.me/NeKaspersky/2125", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0434\u0435\u0432\u0430\u0439\u0441\u0430\u0445 \u043e\u0442 Cisco \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u0438 \u043a\u0440\u0435\u0434\u0435\u043d\u0448\u043b\u044b (\u0441 \u0431\u043b\u0435\u043a \u0434\u0436\u0435\u043a\u043e\u043c \u0438...)\n\n\u041e \u0431\u0430\u0433\u0435 CVE-2022-20695 \u0432 \u0441\u043e\u0444\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u043e\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 (WLC), \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u043c \u0432\u043d\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0434\u0435\u0441\u044f\u0442\u043a\u0443 \u043f\u043e CVSS, \u043f\u043e\u0432\u0435\u0434\u0430\u043b\u0438 \u0441\u0430\u043c\u0438 Cisco \u0438, \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435, \u043f\u043e\u0441\u043e\u0432\u0435\u0442\u043e\u0432\u0430\u043b\u0438 \u0432\u0441\u0435\u043c \u043f\u043e\u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043a\u043e\u0441\u044f\u043a\u043e\u043c \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0430 \u0432\u0430\u043b\u0438\u0434\u0430\u0446\u0438\u0438 \u043f\u0430\u0440\u043e\u043b\u044f \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u0430\u0445 \u0441 \u043d\u0435\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0435\u0439, \u043f\u0440\u0438\u0447\u0435\u043c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u0440\u0435\u0434\u0435\u043d\u0448\u043b\u044b \u043c\u043e\u0433\u0443\u0442 \u0434\u0430\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0445.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Cisco, \u0431\u0430\u0433 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Cisco WLC 8.10.151.0 \u0438\u043b\u0438 8.10.162.0 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435, \u043a\u043e\u0433\u0434\u0430 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \u00abmacfilter radius compatibility\u00bb \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d \u0432 \u00abOther\u00bb. \u0425\u0430\u0440\u0434\u0432\u0430\u0440\u043d\u043e \u043f\u043e\u0434 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0432\u0430\u0439\u0441\u044b:\n\u2022 Wireless Controller 3504, 5520 \u0438 8540 \n\u2022 Mobility Express\n\u2022 Virtual Wireless Controller (vWLC)\n\n\u0422\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0435\u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432:\n\u2022 Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches\n\u2022 Catalyst 9800 Series Wireless Controllers\n\u2022 Catalyst 9800 Wireless Controller for Cloud\n\u2022 Embedded Wireless Controller on Catalyst Access Points\n\u2022 Wireless LAN Controller (WLC) AireOS products not listed in the Vulnerable Products section\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0431\u0438\u043b\u0434\u0430 8.10.171.0 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0444\u0438\u043a\u0441\u0438\u0442 \u0431\u0430\u0433\u0443 \u0432\u043d\u0435 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0441\u043e\u0444\u0442\u0432\u0430\u0440\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, Cisco \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0438 \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c macfilter radius compatibility \u0434\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e (\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 config macfilter radius-compat cisco) \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0440\u0435\u0436\u0438\u043c\u043e\u0432, \u0432\u0440\u043e\u0434\u0435 \"free\" (config macfilter radius-compat free).\n@NeKaspersky", "creation_timestamp": "2022-04-16T17:37:37.000000Z"}, {"uuid": "41b7eeb9-9076-4ce8-bc83-ed351f39e158", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20695", "type": "seen", "source": "https://t.me/cKure/9372", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Zero-Day: Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller (WLC) software. \n\nThe security flaw allows remote attackers to log in to target devices through the management interface without using a valid password.\n\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-auth-bypass-JRNhV4fF\n\nhttps://www.bleepingcomputer.com/news/security/cisco-vulnerability-lets-hackers-craft-their-own-login-credentials/", "creation_timestamp": "2022-04-16T08:29:07.000000Z"}, {"uuid": "d4b68a0b-0435-4950-a53e-2924149613ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20695", "type": "seen", "source": "https://t.me/BleepingComputer/11837", "content": "Latest news and stories from BleepingComputer.com\nCisco vulnerability lets hackers craft their own login credentials\n\nCisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller (WLC) software.\u00a0 [...]", "creation_timestamp": "2022-04-15T20:38:08.000000Z"}, {"uuid": "a8b41fa3-983d-466f-ac13-be7e9d68c6ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20695", "type": "seen", "source": "https://t.me/cibsecurity/40870", "content": "\u203c CVE-2022-20695 \u203c\n\nA vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and log in to the device as an administrator. The attacker could obtain privileges that are the same level as an administrative user but it depends on the crafted credentials. Note: This vulnerability exists because of a non-default device configuration that must be present for it to be exploitable. For details about the vulnerable configuration, see the Vulnerable Products section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T18:20:33.000000Z"}]}