Vulnerability-Lookup

CVE-2023-20253 (GCVE-0-2023-20253)

Vulnerability from cvelistv5 – Published: 2023-09-27 17:12 – Updated: 2024-08-02 09:05

Summary

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device. This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-286 - Incorrect User Management

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco SD-WAN vManage	Affected: 17.2.6 Affected: 17.2.7 Affected: 17.2.8 Affected: 17.2.9 Affected: 17.2.10 Affected: 17.2.4 Affected: 17.2.5 Affected: 18.3.1.1 Affected: 18.3.3.1 Affected: 18.3.3 Affected: 18.3.4 Affected: 18.3.5 Affected: 18.3.7 Affected: 18.3.8 Affected: 18.3.6.1 Affected: 18.3.1 Affected: 18.3.0 Affected: 18.4.0.1 Affected: 18.4.3 Affected: 18.4.302 Affected: 18.4.303 Affected: 18.4.4 Affected: 18.4.5 Affected: 18.4.0 Affected: 18.4.1 Affected: 18.4.6 Affected: 19.2.0 Affected: 19.2.097 Affected: 19.2.099 Affected: 19.2.1 Affected: 19.2.2 Affected: 19.2.3 Affected: 19.2.31 Affected: 19.2.929 Affected: 19.2.4 Affected: 20.1.1.1 Affected: 20.1.12 Affected: 20.1.1 Affected: 20.1.2 Affected: 20.1.3 Affected: 19.3.0 Affected: 19.1.0 Affected: 18.2.0 Affected: 20.3.1 Affected: 20.3.2 Affected: 20.3.2.1 Affected: 20.3.3 Affected: 20.3.3.1 Affected: 20.3.4 Affected: 20.3.4.1 Affected: 20.3.4.2 Affected: 20.3.5 Affected: 20.3.6 Affected: 20.3.7 Affected: 20.3.7.1 Affected: 20.3.4.3 Affected: 20.3.5.1 Affected: 20.3.7.2 Affected: 20.4.1 Affected: 20.4.1.1 Affected: 20.4.1.2 Affected: 20.4.2 Affected: 20.4.2.2 Affected: 20.4.2.1 Affected: 20.4.2.3 Affected: 20.5.1 Affected: 20.5.1.2 Affected: 20.5.1.1 Affected: 20.6.1 Affected: 20.6.1.1 Affected: 20.6.1.2

GHSA-P5Q8-553C-RH75

Vulnerability from github – Published: 2023-09-27 18:30 – Updated: 2024-01-25 18:30

Details

This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-20253"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-286"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T18:15:11Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\n\n This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.",
  "id": "GHSA-p5q8-553c-rh75",
  "modified": "2024-01-25T18:30:44Z",
  "published": "2023-09-27T18:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20253"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2023-93331

Vulnerability from cnvd - Published: 2023-11-28

Title

Cisco SD-WAN vManage存在访问控制错误漏洞

Description

Cisco SD-WAN vManage是美国思科（Cisco）公司的一个高度可定制的仪表板。可简化和自动化Cisco SD-WAN的部署、配置、管理和操作。 Cisco SD-WAN vManage存在访问控制错误漏洞，该漏洞源于管理界面中的CLI上的访问控制执行不当，经过身份验证的本地攻击者可利用该漏洞绕过授权，回滚vManage控制器和边缘路由器设备上的配置。

Severity

中

Patch Name

Cisco SD-WAN vManage存在访问控制错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Reference

https://nvd.nist.gov/vuln/detail/CVE-2023-20253

Impacted products

Name
['Cisco Catalyst SD-WAN Manager 20.9', 'Cisco Catalyst SD-WAN Manager 20.11', 'Cisco Catalyst SD-WAN Manager 20.7', 'Cisco Catalyst SD-WAN Manager 20.8', 'Cisco SD-WAN vManage <20.6.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-20253",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-20253"
    }
  },
  "description": "Cisco SD-WAN vManage\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u9ad8\u5ea6\u53ef\u5b9a\u5236\u7684\u4eea\u8868\u677f\u3002\u53ef\u7b80\u5316\u548c\u81ea\u52a8\u5316Cisco SD-WAN\u7684\u90e8\u7f72\u3001\u914d\u7f6e\u3001\u7ba1\u7406\u548c\u64cd\u4f5c\u3002\n\nCisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ba1\u7406\u754c\u9762\u4e2d\u7684CLI\u4e0a\u7684\u8bbf\u95ee\u63a7\u5236\u6267\u884c\u4e0d\u5f53\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6388\u6743\uff0c\u56de\u6edavManage\u63a7\u5236\u5668\u548c\u8fb9\u7f18\u8def\u7531\u5668\u8bbe\u5907\u4e0a\u7684\u914d\u7f6e\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-93331",
  "openTime": "2023-11-28",
  "patchDescription": "Cisco SD-WAN vManage\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u9ad8\u5ea6\u53ef\u5b9a\u5236\u7684\u4eea\u8868\u677f\u3002\u53ef\u7b80\u5316\u548c\u81ea\u52a8\u5316Cisco SD-WAN\u7684\u90e8\u7f72\u3001\u914d\u7f6e\u3001\u7ba1\u7406\u548c\u64cd\u4f5c\u3002\r\n\r\nCisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ba1\u7406\u754c\u9762\u4e2d\u7684CLI\u4e0a\u7684\u8bbf\u95ee\u63a7\u5236\u6267\u884c\u4e0d\u5f53\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6388\u6743\uff0c\u56de\u6edavManage\u63a7\u5236\u5668\u548c\u8fb9\u7f18\u8def\u7531\u5668\u8bbe\u5907\u4e0a\u7684\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Catalyst SD-WAN Manager 20.9",
      "Cisco Catalyst SD-WAN Manager 20.11",
      "Cisco Catalyst SD-WAN Manager 20.7",
      "Cisco Catalyst SD-WAN Manager 20.8",
      "Cisco SD-WAN vManage \u003c20.6.2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-20253",
  "serverity": "\u4e2d",
  "submitTime": "2023-10-07",
  "title": "Cisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2023-20253

Vulnerability from fstec - Published: 27.09.2023

Title

Уязвимость интерфейса CLI централизованной системы управления сетью Cisco Catalyst SD-WAN Manager, позволяющая нарушителю произвести возврат к предыдущей конфигурации на уязвимом экземпляре

Description

Уязвимость интерфейса CLI централизованной системы управления сетью Cisco Catalyst SD-WAN Manager связана с недостатками контроля доступа. Эксплуатация уязвимости может позволить нарушителю произвести возврат к предыдущей конфигурации на уязвимом экземпляре

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Vendor

Cisco Systems Inc.

Software Name

Catalyst SD-WAN Manager

Software Version

до 20.11.1 (Catalyst SD-WAN Manager), до 20.6.2 (Catalyst SD-WAN Manager), до 20.10.1 (Catalyst SD-WAN Manager), до 20.7.1 (Catalyst SD-WAN Manager), до 20.8.1 (Catalyst SD-WAN Manager), до 20.9.1 (Catalyst SD-WAN Manager)

Possible Mitigations

Использование рекомендаций производителя: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Reference

https://vuldb.com/ru/?id.240729 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z https://www.cybersecurity-help.cz/vdb/SB2023092918

CWE

CWE-266, CWE-284

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 20.11.1 (Catalyst SD-WAN Manager), \u0434\u043e 20.6.2 (Catalyst SD-WAN Manager), \u0434\u043e 20.10.1 (Catalyst SD-WAN Manager), \u0434\u043e 20.7.1 (Catalyst SD-WAN Manager), \u0434\u043e 20.8.1 (Catalyst SD-WAN Manager), \u0434\u043e 20.9.1 (Catalyst SD-WAN Manager)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "03.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.10.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06232",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-20253",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Catalyst SD-WAN Manager",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 CLI \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u044c\u044e Cisco Catalyst SD-WAN Manager, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0442 \u043a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043f\u0440\u0438\u0441\u0432\u0430\u0438\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CWE-266), \u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 CLI \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u044c\u044e Cisco Catalyst SD-WAN Manager \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0432\u043e\u0437\u0432\u0440\u0430\u0442 \u043a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://vuldb.com/ru/?id.240729\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z\nhttps://www.cybersecurity-help.cz/vdb/SB2023092918",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-266, CWE-284",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)"
}

FKIE_CVE-2023-20253

Vulnerability from fkie_nvd - Published: 2023-09-27 18:15 - Updated: 2024-11-21 07:41

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	catalyst_sd-wan_manager	20.7
cisco	catalyst_sd-wan_manager	20.8
cisco	catalyst_sd-wan_manager	20.9
cisco	catalyst_sd-wan_manager	20.11
cisco	sd-wan_vmanage	*
cisco	sd-wan_vmanage	20.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BA763E2-62BF-4FA8-B565-948A0D2B0574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0493FE21-BB5A-41D3-9EBD-2C2BD165D5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "14E0AF41-0322-4F59-A2E2-DF709FC365E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F54BE3-6E7A-4142-B3EB-16036F7E2B5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1885D68A-547F-4C24-AE92-9F0D620E2018",
              "versionEndExcluding": "20.6.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0B8F2D3-F224-46BB-A3D9-6E5837EDE74E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n de la interfaz de l\u00ednea de comandos (CLI) de Cisco SD-WAN vManage podr\u00eda permitir que un atacante local autenticado omita la autorizaci\u00f3n y le permita revertir la configuraci\u00f3n en los controladores vManage y el dispositivo edge router. Esta vulnerabilidad se debe a un control de acceso inadecuado en la interfaz de administraci\u00f3n de CLI de un sistema afectado. Un atacante con acceso con privilegios bajos (solo lectura) al CLI podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud para revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado."
    }
  ],
  "id": "CVE-2023-20253",
  "lastModified": "2024-11-21T07:41:00.117",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-27T18:15:11.620",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-286"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2023-AVI-0788

Vulnerability from certfr_avis - Published: 2023-09-28 - Updated: 2023-09-28

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Catalyst SD-WAN Manager (anciennement Cisco SD-WAN vManage) versions antérieures à 20.12.1
Cisco IOS et IOS XE sans le dernier correctif de sécurité (vérifier sur le site de l'éditeur pour identifier les versions vulnérables)
Cisco DNA Center versions antérieures à 2.3.5.4
Cisco DNA Center versions 2.3.6.x antérieures à 2.3.7.0

Cisco précise que seules les versions 20.9.3.2 et 20.11.1.2 sont concernées par la vulnérabilité critique CVE-2023-20252. Toutefois, seule la version 20.12.1 corrige toutes les autres vulnérabilités mentionnées dans l'avis Cisco cisco-sa-sdwan-vman-sc-LRLfu2z.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2023-20253

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-20253

Aliases

CVE-2023-20253

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-20253",
    "id": "GSD-2023-20253"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-20253"
      ],
      "details": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.",
      "id": "GSD-2023-20253",
      "modified": "2023-12-13T01:20:27.697790Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2023-20253",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco SD-WAN vManage",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "17.2.6"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.7"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.8"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.9"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.10"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.4"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "17.2.5"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.3.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.4"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.5"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.7"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.8"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.6.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.3.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.0.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.302"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.303"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.4"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.5"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.4.6"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.097"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.099"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.31"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.929"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.2.4"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.1.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.1.12"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.1.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.1.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.3.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "19.1.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "18.2.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.2.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.3.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.4"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.4.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.4.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.5"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.6"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.7"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.7.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.4.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.5.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.3.7.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.1.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.2.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.2.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.4.2.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.5.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.5.1.2"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.5.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.6.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.6.1.1"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "20.6.1.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system."
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-286",
                "lang": "eng",
                "value": "Incorrect User Management"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
            "refsource": "MISC",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z",
        "defects": [
          "CSCvz62234"
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.7:*:*:*:*:*:*:*",
                    "matchCriteriaId": "6BA763E2-62BF-4FA8-B565-948A0D2B0574",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0493FE21-BB5A-41D3-9EBD-2C2BD165D5CF",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.9:*:*:*:*:*:*:*",
                    "matchCriteriaId": "14E0AF41-0322-4F59-A2E2-DF709FC365E2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.11:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F6F54BE3-6E7A-4142-B3EB-16036F7E2B5E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "1885D68A-547F-4C24-AE92-9F0D620E2018",
                    "versionEndExcluding": "20.6.2",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.10:*:*:*:*:*:*:*",
                    "matchCriteriaId": "D0B8F2D3-F224-46BB-A3D9-6E5837EDE74E",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n de la interfaz de l\u00ednea de comandos (CLI) de Cisco SD-WAN vManage podr\u00eda permitir que un atacante local autenticado omita la autorizaci\u00f3n y le permita revertir la configuraci\u00f3n en los controladores vManage y el dispositivo edge router. Esta vulnerabilidad se debe a un control de acceso inadecuado en la interfaz de administraci\u00f3n de CLI de un sistema afectado. Un atacante con acceso con privilegios bajos (solo lectura) al CLI podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud para revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado."
          }
        ],
        "id": "CVE-2023-20253",
        "lastModified": "2024-01-25T17:15:41.443",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            },
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.2,
              "source": "ykramarz@cisco.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2023-09-27T18:15:11.620",
        "references": [
          {
            "source": "ykramarz@cisco.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
          }
        ],
        "sourceIdentifier": "ykramarz@cisco.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "NVD-CWE-noinfo"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          },
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-286"
              }
            ],
            "source": "ykramarz@cisco.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-20253 (GCVE-0-2023-20253)

GHSA-P5Q8-553C-RH75

CNVD-2023-93331

CVE-2023-20253

FKIE_CVE-2023-20253

CERTFR-2023-AVI-0788

Solution

GSD-2023-20253

Tags

Sightings

Nomenclature