admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-200xx/CVE-2023-20064.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

377 lines
13 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-20064",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-03-09T22:15:52.277",
"lastModified": "2023-11-07T04:05:55.203",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.9.1",
"matchCriteriaId": "A8E6CEEB-0908-4884-A51E-000000DE5E92"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "FAE7AE4D-73A6-4179-80DA-2219563928E1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0FF7BDEE-8351-4CE3-BEAD-42C8767E0BF8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A5266F35-6886-4CF1-81DB-25626A0A26A0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.6.1",
"matchCriteriaId": "B25F4932-6940-4934-B110-577417B93948"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nc57-18dd-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98728BD8-C11B-413D-8C8A-052661A608AA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nc57-24dd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B61EB0-E121-4899-9504-269CE4E7E3EB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nc57-36h-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6811F99A-F96F-4B26-AF68-DC1A8C3B65E0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:nc57-36h6d-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "560B88A5-3716-43AB-A094-063293EF6509"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13EEDD1C-25BC-4AFA-AF60-66DE36927528"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD3B06B-864E-4A35-B0C3-1654390022D2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1B4F37-5AAA-4F40-8865-226289CB5CEB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "355F78C3-C07F-48C3-9B6E-55714EAA7331"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.7.1",
"matchCriteriaId": "C3FBC1F6-F523-485A-A466-B6DBA15E6537"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink