The vulnerability of the command-line interface (CLI) of the Cisco Unified Computing System Manager and Cisco FXOS/NX-OS operating systems for Firepower 4100 Series, Firepower 9300 Security Appliances, UCS 6200, UCS 6300, UCS 6400, and UCS 6500 routers allows a malicious actor to execute arbitrary commands.

🗓️ 06 Mar 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

CLI flaw in Cisco Unified Computing System Manager and FXOS NX-OS allows arbitrary command execution from unneutralized elements.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2023-20015	23 Feb 202300:00	–	attackerkb
Circl	CVE-2023-20015	23 Feb 202322:18	–	circl
Cisco	Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability	22 Feb 202316:00	–	cisco
Tenable Nessus	Cisco Firepower 4100 Series and Firepower 9300 Security Appliances Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)	24 Feb 202300:00	–	nessus
Tenable Nessus	Cisco UCS Fabric Interconnects Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)	24 Feb 202300:00	–	nessus
CNNVD	Cisco Firepower 4100 Series和Cisco Firepower 9300 Security Appliance 操作系统命令注入漏洞	23 Feb 202300:00	–	cnnvd
CVE	CVE-2023-20015	23 Feb 202300:00	–	cve
Cvelist	CVE-2023-20015 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability	23 Feb 202300:00	–	cvelist
EUVD	EUVD-2023-24194	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco Firepower and UCS Fabric Interconnect systems	24 Feb 202300:00	–	ncsc

Source	Link
vuldb	www.vuldb.com/ru/
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR
web	www.web.nvd.nist.gov/view/vuln/detail

06 Mar 2023 00:00Current

7High risk

Vulners AI Score7

CVSS 36

CVSS 26.2

EPSS0.00114

Unified Computing System Firepower Series UCS Platforms