CVE-2023-20229

🗓️ 16 Aug 2023 21:43:36Reported by ciscoType

A vulnerability in Cisco Duo Device Health App for Windows could allow a local attacker to conduct directory traversal attacks and overwrite file

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the CryptoService function in software for monitoring the status of devices connected to a network allows a hacker to modify arbitrary files.	21 Aug 202300:00	–	bdu_fstec
Circl	CVE-2023-20229	17 Aug 202302:37	–	circl
Cisco	Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability	16 Aug 202316:00	–	cisco
CNNVD	Cisco Duo 路径遍历漏洞	16 Aug 202300:00	–	cnnvd
CVE	CVE-2023-20229	16 Aug 202321:43	–	cve
EUVD	EUVD-2023-24408	3 Oct 202520:07	–	euvd
NVD	CVE-2023-20229	16 Aug 202322:15	–	nvd
OSV	CVE-2023-20229	16 Aug 202322:15	–	osv
Prion	Directory traversal	16 Aug 202322:15	–	prion
Positive Technologies	PT-2023-4432 · Cisco · Cisco Duo Device Health Application	16 Aug 202300:00	–	ptsecurity

[
  {
    "vendor": "Cisco",
    "product": "Cisco Duo Device Health Application",
    "versions": [
      {
        "version": "5.0.0.0",
        "status": "affected"
      },
      {
        "version": "5.1.0.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-dha-filewrite-xPMBMZAK

25 Jan 2024 16:58Current

7.1High risk

Vulners AI Score7.1

CVSS 3.17.1

EPSS0.00385