Lucene search

[email protected]CVE-2023-20123

HistoryApr 05, 2023 - 7:15 p.m.

CVE-2023-20123

2023-04-0519:15:08

CWE-294

[email protected]

web.nvd.nist.gov

cisco

duo

two-factor authentication

macos

windows

logon

rdp

vulnerability

unauthorized access

physical attacker

replay attack

session credentials

mfa

6.3 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.8%

JSON

A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and RDP could allow an unauthenticated, physical attacker to replay valid user session credentials and gain unauthorized access to an affected macOS or Windows device. This vulnerability exists because session credentials do not properly expire. An attacker could exploit this vulnerability by replaying previously used multifactor authentication (MFA) codes to bypass MFA protection. A successful exploit could allow the attacker to gain unauthorized access to the affected device.

Affected configurations

NVD

Node

ciscoduoRange<2.0.1macos

ciscoduo_authentication_for_windows_logon_and_rdpRange<4.2.2

CPENameOperatorVersion
cisco:duocisco duolt2.0.1
cisco:duo_authentication_for_windows_logon_and_rdpcisco duo authentication for windows logon and rdplt4.2.2

CPE	Name	Operator	Version
cisco:duo	cisco duo	lt	2.0.1
cisco:duo_authentication_for_windows_logon_and_rdp	cisco duo authentication for windows logon and rdp	lt	4.2.2

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Duo ",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]