Description
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
Published: 2022-10-10
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-26114 A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
History

Fri, 01 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Cisco Catalyst 3650 Catalyst 3650-12x48fd-e Catalyst 3650-12x48fd-l Catalyst 3650-12x48fd-s Catalyst 3650-12x48uq Catalyst 3650-12x48uq-e Catalyst 3650-12x48uq-l Catalyst 3650-12x48uq-s Catalyst 3650-12x48ur Catalyst 3650-12x48ur-e Catalyst 3650-12x48ur-l Catalyst 3650-12x48ur-s Catalyst 3650-12x48uz Catalyst 3650-12x48uz-e Catalyst 3650-12x48uz-l Catalyst 3650-12x48uz-s Catalyst 3650-24pd Catalyst 3650-24pd-e Catalyst 3650-24pd-l Catalyst 3650-24pd-s Catalyst 3650-24pdm Catalyst 3650-24pdm-e Catalyst 3650-24pdm-l Catalyst 3650-24pdm-s Catalyst 3650-24ps-e Catalyst 3650-24ps-l Catalyst 3650-24ps-s Catalyst 3650-24td-e Catalyst 3650-24td-l Catalyst 3650-24td-s Catalyst 3650-24ts-e Catalyst 3650-24ts-l Catalyst 3650-24ts-s Catalyst 3650-48fd-e Catalyst 3650-48fd-l Catalyst 3650-48fd-s Catalyst 3650-48fq Catalyst 3650-48fq-e Catalyst 3650-48fq-l Catalyst 3650-48fq-s Catalyst 3650-48fqm Catalyst 3650-48fqm-e Catalyst 3650-48fqm-l Catalyst 3650-48fqm-s Catalyst 3650-48fs-e Catalyst 3650-48fs-l Catalyst 3650-48fs-s Catalyst 3650-48pd-e Catalyst 3650-48pd-l Catalyst 3650-48pd-s Catalyst 3650-48pq-e Catalyst 3650-48pq-l Catalyst 3650-48pq-s Catalyst 3650-48ps-e Catalyst 3650-48ps-l Catalyst 3650-48ps-s Catalyst 3650-48td-e Catalyst 3650-48td-l Catalyst 3650-48td-s Catalyst 3650-48tq-e Catalyst 3650-48tq-l Catalyst 3650-48tq-s Catalyst 3650-48ts-e Catalyst 3650-48ts-l Catalyst 3650-48ts-s Catalyst 3650-8x24pd-e Catalyst 3650-8x24pd-l Catalyst 3650-8x24pd-s Catalyst 3650-8x24uq Catalyst 3650-8x24uq-e Catalyst 3650-8x24uq-l Catalyst 3650-8x24uq-s Catalyst 3850 Catalyst 3850-12s-e Catalyst 3850-12s-s Catalyst 3850-12x48u Catalyst 3850-12xs-e Catalyst 3850-12xs-s Catalyst 3850-16xs-e Catalyst 3850-16xs-s Catalyst 3850-24p-e Catalyst 3850-24p-l Catalyst 3850-24p-s Catalyst 3850-24pw-s Catalyst 3850-24s-e Catalyst 3850-24s-s Catalyst 3850-24t-e Catalyst 3850-24t-l Catalyst 3850-24t-s Catalyst 3850-24u Catalyst 3850-24u-e Catalyst 3850-24u-l Catalyst 3850-24u-s Catalyst 3850-24xs Catalyst 3850-24xs-e Catalyst 3850-24xs-s Catalyst 3850-24xu Catalyst 3850-24xu-e Catalyst 3850-24xu-l Catalyst 3850-24xu-s Catalyst 3850-32xs-e Catalyst 3850-32xs-s Catalyst 3850-48f-e Catalyst 3850-48f-l Catalyst 3850-48f-s Catalyst 3850-48p-e Catalyst 3850-48p-l Catalyst 3850-48p-s Catalyst 3850-48pw-s Catalyst 3850-48t-e Catalyst 3850-48t-l Catalyst 3850-48t-s Catalyst 3850-48u Catalyst 3850-48u-e Catalyst 3850-48u-l Catalyst 3850-48u-s Catalyst 3850-48xs Catalyst 3850-48xs-e Catalyst 3850-48xs-f-e Catalyst 3850-48xs-f-s Catalyst 3850-48xs-s Catalyst 3850-nm-2-40g Catalyst 3850-nm-8-10g Catalyst 9200 Catalyst 9200cx Catalyst 9200l Catalyst 9300 Catalyst 9300-24p-a Catalyst 9300-24p-e Catalyst 9300-24s-a Catalyst 9300-24s-e Catalyst 9300-24t-a Catalyst 9300-24t-e Catalyst 9300-24u-a Catalyst 9300-24u-e Catalyst 9300-24ux-a Catalyst 9300-24ux-e Catalyst 9300-48p-a Catalyst 9300-48p-e Catalyst 9300-48s-a Catalyst 9300-48s-e Catalyst 9300-48t-a Catalyst 9300-48t-e Catalyst 9300-48u-a Catalyst 9300-48u-e Catalyst 9300-48un-a Catalyst 9300-48un-e Catalyst 9300-48uxm-a Catalyst 9300-48uxm-e Catalyst 9300l Catalyst 9300l-24p-4g-a Catalyst 9300l-24p-4g-e Catalyst 9300l-24p-4x-a Catalyst 9300l-24p-4x-e Catalyst 9300l-24t-4g-a Catalyst 9300l-24t-4g-e Catalyst 9300l-24t-4x-a Catalyst 9300l-24t-4x-e Catalyst 9300l-48p-4g-a Catalyst 9300l-48p-4g-e Catalyst 9300l-48p-4x-a Catalyst 9300l-48p-4x-e Catalyst 9300l-48t-4g-a Catalyst 9300l-48t-4g-e Catalyst 9300l-48t-4x-a Catalyst 9300l-48t-4x-e Catalyst 9300l Stack Catalyst 9300lm Catalyst 9300x Catalyst 9400 Catalyst 9407r Catalyst 9410r Catalyst 9500 Catalyst 9500h Catalyst 9600 Catalyst 9600x Catalyst C2928-24lt-c Catalyst C2928-48tc-c Catalyst C3850-12x48u-e Catalyst C3850-12x48u-l Catalyst C3850-12x48u-s Catalyst C9200-24p Catalyst C9200-24t Catalyst C9200-48p Catalyst C9200-48t Catalyst C9200l-24p-4g Catalyst C9200l-24p-4x Catalyst C9200l-24pxg-2y Catalyst C9200l-24pxg-4x Catalyst C9200l-24t-4g Catalyst C9200l-24t-4x Catalyst C9200l-48p-4g Catalyst C9200l-48p-4x Catalyst C9200l-48pxg-2y Catalyst C9200l-48pxg-4x Catalyst C9200l-48t-4g Catalyst C9200l-48t-4x Catalyst C9300-24p Catalyst C9300-24s Catalyst C9300-24t Catalyst C9300-24u Catalyst C9300-24ux Catalyst C9300-48p Catalyst C9300-48s Catalyst C9300-48t Catalyst C9300-48u Catalyst C9300-48un Catalyst C9300-48uxm Catalyst C9300l-24p-4g Catalyst C9300l-24p-4x Catalyst C9300l-24t-4g Catalyst C9300l-24t-4x Catalyst C9300l-48p-4g Catalyst C9300l-48p-4x Catalyst C9300l-48t-4g Catalyst C9300l-48t-4x Catalyst C9404r Catalyst C9407r Catalyst C9410r Catalyst C9500-12q Catalyst C9500-12q-a Catalyst C9500-12q-e Catalyst C9500-16x Catalyst C9500-16x-a Catalyst C9500-16x-e Catalyst C9500-24q Catalyst C9500-24q-a Catalyst C9500-24q-e Catalyst C9500-24y4c Catalyst C9500-32c Catalyst C9500-32qc Catalyst C9500-40x Catalyst C9500-40x-a Catalyst C9500-40x-e Catalyst C9500-48y4c Catalyst C9600-lc-24c Catalyst C9600-lc-48s Catalyst C9600-lc-48tx Catalyst C9600-lc-48yl Ios Xe Rom Monitor
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-01T18:49:04.147Z

Reserved: 2021-11-02T00:00:00.000Z

Link: CVE-2022-20864

cve-icon Vulnrichment

Updated: 2024-08-03T02:24:50.242Z

cve-icon NVD

Status : Modified

Published: 2022-10-10T21:15:10.207

Modified: 2024-11-21T06:43:42.610

Link: CVE-2022-20864

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses