Lucene search

[email protected]CVE-2023-20015

HistoryFeb 23, 2023 - 8:15 p.m.

CVE-2023-20015

2023-02-2320:15:13

CWE-78

[email protected]

web.nvd.nist.gov

cisco

firepower

vulnerability

cli

input validation

unauthorized commands

injection

cisco ucs

fabric interconnects

nvd

cve-2023-20015

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.

Affected configurations

NVD

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6536_firmwareMatch-

AND

ciscoucs_6536Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_64108_firmwareMatch-

AND

ciscoucs_64108Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6454_firmwareMatch-

AND

ciscoucs_6454Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6200_firmwareMatch-

AND

ciscoucs_6200Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6248up_firmwareMatch-

AND

ciscoucs_6248upMatch-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6296up_firmwareMatch-

AND

ciscoucs_6296upMatch-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6300_firmwareMatch-

AND

ciscoucs_6300Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6324_firmwareMatch-

AND

ciscoucs_6324Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6332_firmwareMatch-

AND

ciscoucs_6332Match-

Node

ciscoucs_central_softwareRange4.0–4.0\(4o\)

ciscoucs_central_softwareRange4.1–4.1\(3k\)

ciscoucs_central_softwareRange4.2–4.2\(2d\)

ciscoucs_6332-16up_firmwareMatch-

AND

ciscoucs_6332-16upMatch-

Node

ciscofirepower_extensible_operating_systemMatch-

AND

ciscofirepower_4100Match-

ciscofirepower_4110Match-

ciscofirepower_4112Match-

ciscofirepower_4115Match-

ciscofirepower_4120Match-

ciscofirepower_4125Match-

ciscofirepower_4140Match-

ciscofirepower_4145Match-

ciscofirepower_4150Match-

ciscofirepower_9300_sm-24Match-

ciscofirepower_9300_sm-36Match-

ciscofirepower_9300_sm-40Match-

ciscofirepower_9300_sm-44Match-

ciscofirepower_9300_sm-44_x_3Match-

ciscofirepower_9300_sm-48Match-

ciscofirepower_9300_sm-56Match-

ciscofirepower_9300_sm-56_x_3Match-

CPENameOperatorVersion
cisco:ucs_central_softwarecisco ucs central softwarelt4.0\(4o\)
cisco:ucs_central_softwarecisco ucs central softwarelt4.1\(3k\)
cisco:ucs_central_softwarecisco ucs central softwarelt4.2\(2d\)
cisco:ucs_6536_firmwarecisco ucs 6536 firmwareeq-

CPE	Name	Operator	Version
cisco:ucs_central_software	cisco ucs central software	lt	4.0\(4o\)
cisco:ucs_central_software	cisco ucs central software	lt	4.1\(3k\)
cisco:ucs_central_software	cisco ucs central software	lt	4.2\(2d\)
cisco:ucs_6536_firmware	cisco ucs 6536 firmware	eq	-

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Unified Computing System (Managed) ",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]