Lucene search
China National Vulnerability DatabaseCNVD-2023-93333HistoryAug 18, 2023 - 12:00 a.m.
Cisco Intersight Private Virtual Appliance Command Injection Vulnerability
2023-08-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
2
cisco intersight
command injection
vulnerability
input validation
root privileges
remote attacker
Cisco Intersight is an application platform from Cisco, Inc. It provides a level of intelligent management that enables IT organizations to analyze, simplify, and automate their environments in a more advanced way than previous generations of tools. A command injection vulnerability exists in the Cisco Intersight Private Virtual Appliance that stems from insufficient input validation when extracting uploaded packages, which can be exploited by an authenticated, remote attacker to execute arbitrary commands with root privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco cisco intersight private virtual appliance | eq | 1.0.9 |
Related
prion
prion
Input validation
2023-08-16 22:15:00
cvelist
cvelist
CVE-2023-20017
2023-08-16 21:01:28
nvd
nvd
CVE-2023-20017
2023-08-16 22:15:10
cve
cve
CVE-2023-20017
2023-08-16 22:15:10
cisco
cisco
Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities
2023-08-16 16:00:00