fiixng ios to iox.. 2022

Author: mailsanjayhere

CVEasy/Cisco/2022/cve202220718.py

@@ -6,29 +6,29 @@
     platform=['cisco_ios'],
     commands=dict(
         show_version='show version',
-        check_ios='show running-config | include ios'
+        check_iox='show running-config | include iox'
     ),
 )
 def rule_cve202220718(configuration, commands, device, devices):
     """
     This rule checks for the CVE-2022-20718 vulnerability in Cisco IOS Software.
-    The vulnerability is due to insufficient protection in the Cisco IOS application hosting environment.
+    The vulnerability is due to insufficient protection in the Cisco IOx application hosting environment.
     Multiple vulnerabilities could allow an attacker to inject arbitrary commands into the underlying host
     operating system, execute arbitrary code, install applications without authentication, or conduct
     cross-site scripting (XSS) attacks.
     """
-    # Extract the output of the command to check IOS configuration
-    ios_output = commands.check_ios
+    # Extract the output of the command to check IOx configuration
+    iox_output = commands.check_iox
 
-    # Check if IOS is configured
-    ios_configured = 'ios' in ios_output
+    # Check if IOx is configured
+    iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20718. "
-        "The device has IOS application hosting configured, "
+        "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "
         "or conduct XSS attacks. "
         "For more information, see "
-        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-yuXQ6hFj"
+        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
     )

CVEasy/Cisco/2022/cve202220719.py

@@ -6,30 +6,30 @@
     platform=['cisco_ios'],
     commands=dict(
         show_version='show version',
-        check_ios='show running-config | include ios'
+        check_iox='show running-config | include iox'
     ),
 )
 def rule_cve202220719(configuration, commands, device, devices):
     """
     This rule checks for the CVE-2022-20719 vulnerability in Cisco IOS Software.
-    The vulnerability is due to insufficient protection in the Cisco IOS application
+    The vulnerability is due to insufficient protection in the Cisco IOx application
     hosting environment.  Multiple vulnerabilities could allow an attacker to inject
     arbitrary commands into the underlying host operating system, execute arbitrary
     code, install applications without authentication, or conduct cross-site
     scripting (XSS) attacks.
     """
     # Extract the output of the command to check IOS configuration
-    ios_output = commands.check_ios
+    iox_output = commands.check_iox
 
-    # Check if IOS is configured
-    ios_configured = 'ios' in ios_output
+    # Check if IOx is configured
+    iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20719. "
-        "The device has IOS application hosting configured, "
+        "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "
         "or conduct XSS attacks. "
         "For more information, see "
-        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-yuXQ6hFj"
+        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
     )

CVEasy/Cisco/2022/cve202220720.py

@@ -6,30 +6,30 @@
     platform=['cisco_ios'],
     commands=dict(
         show_version='show version',
-        check_ios='show running-config | include ios'
+        check_iox='show running-config | include iox'
     ),
 )
 def rule_cve202220720(configuration, commands, device, devices):
     """
     This rule checks for the CVE-2022-20720 vulnerability in Cisco IOS Software.
-    The vulnerability is due to insufficient protection in the Cisco IOS application
+    The vulnerability is due to insufficient protection in the Cisco IOx application
     hosting environment.
     Multiple vulnerabilities could allow an attacker to inject arbitrary commands
     into the underlying host operating system, execute arbitrary code, install
     applications without authentication, or conduct cross-site scripting (XSS) attacks.
     """
     # Extract the output of the command to check IOS configuration
-    ios_output = commands.check_ios
+    iox_output = commands.check_iox
 
-    # Check if IOS is configured
-    ios_configured = 'ios' in ios_output
+    # Check if IOx is configured
+    iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20720. "
-        "The device has IOS application hosting configured, "
+        "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "
         "or conduct XSS attacks. "
         "For more information, see "
-        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-yuXQ6hFj"
+        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
     )

CVEasy/Cisco/2022/cve202220723.py

@@ -24,7 +24,7 @@ def rule_cve202220723(configuration, commands, device, devices):
     iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20723. "
         "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "

CVEasy/Cisco/2022/cve202220724.py

@@ -6,29 +6,29 @@
     platform=['cisco_ios'],
     commands=dict(
         show_version='show version',
-        check_ios='show running-config | include ios'
+        check_iox='show running-config | include iox'
     ),
 )
 def rule_cve202220724(configuration, commands, device, devices):
     """
     This rule checks for the CVE-2022-20724 vulnerability in Cisco IOS Software.
-    The vulnerability is due to insufficient protection in the Cisco IOS application hosting environment.
+    The vulnerability is due to insufficient protection in the Cisco IOx application hosting environment.
     Multiple vulnerabilities could allow an attacker to inject arbitrary commands into the underlying host
     operating system, execute arbitrary code, install applications without authentication, or conduct
     cross-site scripting (XSS) attacks.
     """
-    # Extract the output of the command to check IOS configuration
-    ios_output = commands.check_ios
+    # Extract the output of the command to check IOx configuration
+    iox_output = commands.check_iox
 
-    # Check if IOS is configured
-    ios_configured = 'ios' in ios_output
+    # Check if IOx is configured
+    iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20724. "
-        "The device has IOS application hosting configured, "
+        "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "
         "or conduct XSS attacks. "
         "For more information, see "
-        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-yuXQ6hFj"
+        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
     )

CVEasy/Cisco/2022/cve202220725.py

@@ -6,29 +6,29 @@
     platform=['cisco_ios'],
     commands=dict(
         show_version='show version',
-        check_ios='show running-config | include ios'
+        check_iox='show running-config | include iox'
     ),
 )
 def rule_cve202220725(configuration, commands, device, devices):
     """
     This rule checks for the CVE-2022-20725 vulnerability in Cisco IOS Software.
-    The vulnerability is due to insufficient protection in the Cisco IOS application hosting environment.
+    The vulnerability is due to insufficient protection in the Cisco IOx application hosting environment.
     Multiple vulnerabilities could allow an attacker to inject arbitrary commands into the underlying host
     operating system, execute arbitrary code, install applications without authentication, or conduct
     cross-site scripting (XSS) attacks.
     """
-    # Extract the output of the command to check IOS configuration
-    ios_output = commands.check_ios
+    # Extract the output of the command to check IOx configuration
+    iox_output = commands.check_iox
 
-    # Check if IOS is configured
-    ios_configured = 'ios' in ios_output
+    # Check if IOx is configured
+    iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20725. "
-        "The device has IOS application hosting configured, "
+        "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "
         "or conduct XSS attacks. "
         "For more information, see "
-        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-yuXQ6hFj"
+        "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
     )

CVEasy/Cisco/2022/cve202220727.py

@@ -24,7 +24,7 @@ def rule_cve202220727(configuration, commands, device, devices):
     iox_configured = 'iox' in iox_output
 
     # Assert that the device is not vulnerable
-    assert not ios_configured, (
+    assert not iox_configured, (
         f"Device {device.name} is vulnerable to CVE-2022-20727. "
         "The device has IOx application hosting configured, "
         "which could allow an attacker to execute arbitrary commands, install unauthorized applications, "