Lucene search

CiscoCVELIST:CVE-2023-20274

HistoryNov 21, 2023 - 6:49 p.m.

CVE-2023-20274

2023-11-2118:49:52

cisco

www.cve.org

cisco appdynamics php agent

privilege escalation

local attacker

installer script

authenticated

insufficient permissions

php agent install directory

modify objects

root privileges

6.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device.

This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An attacker could exploit this vulnerability by modifying objects in the PHP Agent install directory, which would run with the same privileges as PHP. A successful exploit could allow a lower-privileged attacker to elevate their privileges to root on an affected device.

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco AppDynamics",
    "versions": [
      {
        "version": "21.2.7",
        "status": "affected"
      },
      {
        "version": "21.2.8",
        "status": "affected"
      },
      {
        "version": "21.4.0",
        "status": "affected"
      },
      {
        "version": "21.4.10",
        "status": "affected"
      },
      {
        "version": "21.4.11",
        "status": "affected"
      },
      {
        "version": "21.4.2",
        "status": "affected"
      },
      {
        "version": "21.4.3",
        "status": "affected"
      },
      {
        "version": "21.4.4",
        "status": "affected"
      },
      {
        "version": "21.4.5",
        "status": "affected"
      },
      {
        "version": "21.4.6",
        "status": "affected"
      },
      {
        "version": "21.4.7",
        "status": "affected"
      },
      {
        "version": "21.4.8",
        "status": "affected"
      },
      {
        "version": "21.4.9",
        "status": "affected"
      },
      {
        "version": "21.5.0",
        "status": "affected"
      },
      {
        "version": "21.6.0",
        "status": "affected"
      },
      {
        "version": "22.1.0",
        "status": "affected"
      },
      {
        "version": "22.1.1",
        "status": "affected"
      },
      {
        "version": "22.11.0",
        "status": "affected"
      },
      {
        "version": "22.3.0",
        "status": "affected"
      },
      {
        "version": "22.10.0",
        "status": "affected"
      },
      {
        "version": "22.12.0",
        "status": "affected"
      },
      {
        "version": "22.12.1",
        "status": "affected"
      },
      {
        "version": "21.7.0",
        "status": "affected"
      },
      {
        "version": "22.8.0",
        "status": "affected"
      },
      {
        "version": "23.2.0",
        "status": "affected"
      },
      {
        "version": "23.4.0",
        "status": "affected"
      }
    ]
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-php-authpriv-gEBwTvu5

6.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2023-20274