admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/20xxx/CVE-2023-20065.json
CVE Team c1d0e0e88e
"-Synchronized-Data."
2023-05-08 16:00:35 +00:00

295 lines
14 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-20065",
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "16.4.1"
},
{
"version_affected": "=",
"version_value": "16.4.2"
},
{
"version_affected": "=",
"version_value": "16.4.3"
},
{
"version_affected": "=",
"version_value": "17.3.1"
},
{
"version_affected": "=",
"version_value": "17.3.2"
},
{
"version_affected": "=",
"version_value": "17.3.3"
},
{
"version_affected": "=",
"version_value": "17.3.1a"
},
{
"version_affected": "=",
"version_value": "17.3.1w"
},
{
"version_affected": "=",
"version_value": "17.3.2a"
},
{
"version_affected": "=",
"version_value": "17.3.1x"
},
{
"version_affected": "=",
"version_value": "17.3.1z"
},
{
"version_affected": "=",
"version_value": "17.3.4"
},
{
"version_affected": "=",
"version_value": "17.3.5"
},
{
"version_affected": "=",
"version_value": "17.3.4a"
},
{
"version_affected": "=",
"version_value": "17.3.6"
},
{
"version_affected": "=",
"version_value": "17.3.4b"
},
{
"version_affected": "=",
"version_value": "17.3.4c"
},
{
"version_affected": "=",
"version_value": "17.3.5a"
},
{
"version_affected": "=",
"version_value": "17.3.5b"
},
{
"version_affected": "=",
"version_value": "17.4.1"
},
{
"version_affected": "=",
"version_value": "17.4.2"
},
{
"version_affected": "=",
"version_value": "17.4.1a"
},
{
"version_affected": "=",
"version_value": "17.4.1b"
},
{
"version_affected": "=",
"version_value": "17.4.2a"
},
{
"version_affected": "=",
"version_value": "17.5.1"
},
{
"version_affected": "=",
"version_value": "17.5.1a"
},
{
"version_affected": "=",
"version_value": "17.5.1b"
},
{
"version_affected": "=",
"version_value": "17.5.1c"
},
{
"version_affected": "=",
"version_value": "17.6.1"
},
{
"version_affected": "=",
"version_value": "17.6.2"
},
{
"version_affected": "=",
"version_value": "17.6.1w"
},
{
"version_affected": "=",
"version_value": "17.6.1a"
},
{
"version_affected": "=",
"version_value": "17.6.1x"
},
{
"version_affected": "=",
"version_value": "17.6.3"
},
{
"version_affected": "=",
"version_value": "17.6.1y"
},
{
"version_affected": "=",
"version_value": "17.6.1z"
},
{
"version_affected": "=",
"version_value": "17.6.3a"
},
{
"version_affected": "=",
"version_value": "17.6.4"
},
{
"version_affected": "=",
"version_value": "17.6.1z1"
},
{
"version_affected": "=",
"version_value": "17.7.1"
},
{
"version_affected": "=",
"version_value": "17.7.1a"
},
{
"version_affected": "=",
"version_value": "17.7.1b"
},
{
"version_affected": "=",
"version_value": "17.7.2"
},
{
"version_affected": "=",
"version_value": "17.8.1"
},
{
"version_affected": "=",
"version_value": "17.8.1a"
},
{
"version_affected": "=",
"version_value": "17.9.1"
},
{
"version_affected": "=",
"version_value": "17.9.1w"
},
{
"version_affected": "=",
"version_value": "17.9.2"
},
{
"version_affected": "=",
"version_value": "17.9.1a"
},
{
"version_affected": "=",
"version_value": "17.9.2a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk"
},
{
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-qrpq-fp26-7v9r",
"refsource": "MISC",
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-qrpq-fp26-7v9r"
}
]
},
"source": {
"advisory": "cisco-sa-iox-priv-escalate-Xg8zkyPk",
"discovery": "EXTERNAL",
"defects": [
"CSCwd25783"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink