{ "id": "CVE-2023-20097", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-03-23T17:15:15.027", "lastModified": "2023-11-07T04:06:02.180", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 0.8, "impactScore": 5.9 }, { "source": "ykramarz@cisco.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.5, "impactScore": 2.7 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-77" } ] }, { "source": "ykramarz@cisco.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-77" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*", "versionEndExcluding": "8.10.183.0", "matchCriteriaId": "D9EA7E3F-2EA0-4B32-BCA0-0E88FC9E4F9D" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*", "versionEndExcluding": "17.9.0.135", "matchCriteriaId": "386B92C5-05F3-40A8-8F35-280DD9E84169" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*", "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*", "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*", "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*", "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*", "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*", "matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*", "matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*", "matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*", "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*", "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*", "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*", "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*", "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*", "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*", "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*", "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*", "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*", "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*", "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*", "matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*", "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*", "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*", "matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*", "matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "versionEndExcluding": "16.12.8", "matchCriteriaId": "810472FD-52DE-4694-98FA-1AD858BEC895" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.1", "versionEndExcluding": "17.3.6", "matchCriteriaId": "55C1CD64-ADE0-453F-9E0B-EA952F743892" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.4", "versionEndExcluding": "17.6.5", "matchCriteriaId": "612EB810-AB85-49D4-BB5C-C03E2B1A0B43" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.7", "versionEndExcluding": "17.9.2", "matchCriteriaId": "8F4C5572-9D7D-405C-AF93-DF9FF07F92F7" } ] } ] } ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8", "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ] } ] }