mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
458 lines
16 KiB
JSON
458 lines
16 KiB
JSON
{
|
|
"id": "CVE-2023-20076",
|
|
"sourceIdentifier": "ykramarz@cisco.com",
|
|
"published": "2023-02-12T04:15:19.287",
|
|
"lastModified": "2023-11-07T04:05:57.277",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 8.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "ykramarz@cisco.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "HIGH",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.2,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.2,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-78"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "ykramarz@cisco.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-233"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.4.2",
|
|
"matchCriteriaId": "C0123C40-42E9-4DA1-A333-1249D52FE05F"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:iox:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41E74F18-C63E-4A10-99C2-51907E199BC0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "17.6.5",
|
|
"matchCriteriaId": "9F708D7F-6673-489E-9B2D-796AF552D7A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17.9.0",
|
|
"versionEndExcluding": "17.9.2",
|
|
"matchCriteriaId": "D9FC38B1-5F12-496F-8843-F119DB2D684C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC868609-83CD-4FBA-A842-18CD4F07D8D4"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:cgr1240_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.16.0.1",
|
|
"matchCriteriaId": "F343CE69-D1C6-4CB3-97CF-AC480FA6802D"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.16.0.1",
|
|
"matchCriteriaId": "F17050EB-5D47-4287-A2E7-518A811157A7"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "1.10.0.1",
|
|
"matchCriteriaId": "2CF8D8F3-C04A-4A32-B7DF-7649506B83D1"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "15.9\\(3\\)",
|
|
"matchCriteriaId": "94A8B23B-89DC-4BD2-AC3B-E73169F42F6C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C0E5C422-7131-49C5-B05C-11CDC97373BC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "313940F2-909D-4BAB-BC1C-CA9419F4E9A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "887AA4F7-7A63-4FAF-89E9-B992FF8C0F46"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1EEADC2-0938-48F8-8ED4-7A2643B6BAE2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A79FD2A7-F49F-40CA-B721-AD222DD16CA6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE95BEF3-E236-4B08-A3C5-210A094AB41E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D097582-7C84-4899-93C4-B16692A41302"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86891B33-4B66-48C1-933B-75187404B129"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "372E3DB5-5296-4353-9A2B-0A8040F07BA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "20FCE500-AD08-40CE-8956-2997C9200B41"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "15.9\\(3\\)",
|
|
"matchCriteriaId": "8FB92E03-2956-4AC1-831F-152FCBA01092"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1FA00C2A-CFC0-498B-8EA7-989FA2B78A2A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "308D1626-255D-4266-B2E1-B6D34D7D8881"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FA3B170E-B248-4E9E-968B-A6320AAF3601"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E20439B8-530E-4C49-AFBE-5AFAC95BA994"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BDA253BF-10DF-4819-A165-9E9049B14D74"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4FA057DC-F9D9-4A96-9AAF-86303A4D21A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DF79F40-DA37-4A36-95BD-7FDD8D41783F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E0DB4FDC-3152-4144-A85B-920577D65BC5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "564BC14B-465D-4E3D-A37A-15ED0AE65AA2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5612E330-FA91-4DA5-9D74-4E262769E388"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "15.9\\(3\\)",
|
|
"matchCriteriaId": "FF306339-36B4-4549-8C8D-C7530C575D9B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA50E936-DFBC-4B6A-9AE3-763CBD2EA2CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D8088D28-AA6B-4CA8-B120-9993D0C8035F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "73D568BB-6646-4366-8D8F-87B829AC018F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "352566DD-EF2B-49A0-9CFF-3C67152DE403"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "18E645F0-179C-43F4-9B12-2485B3C1924C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0C1A3AB-E91B-4A59-8E49-C7E722A97F38"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E5D4FD9E-A505-4819-B57D-458A24C7E0AB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A299F13E-02DD-490E-96F7-02BF7B21A46D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ACD17542-1D24-4D1B-A123-B773BA66326E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D5F1604-4189-4585-8E94-0BD1F02A125C"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL",
|
|
"source": "ykramarz@cisco.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |