A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sending crafted HTTP requests. A successful exploit could allow an attacker who is authenticated with non-Administrator privileges to elevate to Administrator privileges on an affected device.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2022-08-25T18:40:09.627314Z
Updated: 2024-11-01T18:51:39.373Z
Reserved: 2021-11-02T00:00:00
Link: CVE-2022-20921
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-25T19:15:08.327
Modified: 2024-11-21T06:43:49.690
Link: CVE-2022-20921
Redhat
No data.