Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2023-20015

🗓️ 23 Feb 2023 00:00:00Reported by ciscoType 
cve
 cve🔗 web.nvd.nist.gov👁 81 Views

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2023-20015
23 Feb 202300:00
attackerkb
Circl		CVE-2023-20015
23 Feb 202322:18
circl
Cisco		Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability
22 Feb 202316:00
cisco
Tenable Nessus		Cisco Firepower 4100 Series and Firepower 9300 Security Appliances Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)
24 Feb 202300:00
nessus
Tenable Nessus		Cisco UCS Fabric Interconnects Command Injection (cisco-sa-nxfp-cmdinj-XXBZjtR)
24 Feb 202300:00
nessus
CNNVD		Cisco Firepower 4100 Series和Cisco Firepower 9300 Security Appliance 操作系统命令注入漏洞
23 Feb 202300:00
cnnvd
Cvelist		CVE-2023-20015 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability
23 Feb 202300:00
cvelist
EUVD		EUVD-2023-24194
3 Oct 202520:07
euvd
NCSC		Vulnerabilities fixed in Cisco Firepower and UCS Fabric Interconnect systems
24 Feb 202300:00
ncsc
NVD		CVE-2023-20015
23 Feb 202320:15
nvd
Rows per page
NVD
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6536_firmwareMatch-
AND
ciscoucs_6536Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_64108_firmwareMatch-
AND
ciscoucs_64108Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6454_firmwareMatch-
AND
ciscoucs_6454Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6200_firmwareMatch-
AND
ciscoucs_6200Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6248up_firmwareMatch-
AND
ciscoucs_6248upMatch-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6296up_firmwareMatch-
AND
ciscoucs_6296upMatch-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6300_firmwareMatch-
AND
ciscoucs_6300Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6324_firmwareMatch-
AND
ciscoucs_6324Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6332_firmwareMatch-
AND
ciscoucs_6332Match-
Node
ciscoucs_central_softwareRange4.04.0(4o)
OR
ciscoucs_central_softwareRange4.14.1(3k)
OR
ciscoucs_central_softwareRange4.24.2(2d)
OR
ciscoucs_6332-16up_firmwareMatch-
AND
ciscoucs_6332-16upMatch-
Node
ciscofirepower_extensible_operating_systemMatch-
AND
ciscofirepower_4100Match-
OR
ciscofirepower_4110Match-
OR
ciscofirepower_4112Match-
OR
ciscofirepower_4115Match-
OR
ciscofirepower_4120Match-
OR
ciscofirepower_4125Match-
OR
ciscofirepower_4140Match-
OR
ciscofirepower_4145Match-
OR
ciscofirepower_4150Match-
OR
ciscofirepower_9300_sm-24Match-
OR
ciscofirepower_9300_sm-36Match-
OR
ciscofirepower_9300_sm-40Match-
OR
ciscofirepower_9300_sm-44Match-
OR
ciscofirepower_9300_sm-44_x_3Match-
OR
ciscofirepower_9300_sm-48Match-
OR
ciscofirepower_9300_sm-56Match-
OR
ciscofirepower_9300_sm-56_x_3Match-
[
  {
    "vendor": "Cisco",
    "product": "Cisco Unified Computing System (Managed)",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 07:40Current
6.4Medium risk
Vulners AI Score6.4
CVSS 3.16 - 6.7
EPSS0.00114
SSVC
CWE-78
ciscofirepowervulnerabilitycliinput validationunauthorized commandsinjectioncisco ucsfabric interconnectsnvdcve-2023-20015
81