Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-NXOS-CLI-CMDINJECT-EUQVK9U.NASLHistoryFeb 23, 2023 - 12:00 a.m.
Cisco NX-OS Software CLI Comm Injection (cisco-sa-nxos-cli-cmdinject-euQVK9u)
2023-02-2300:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
116
cisco nx-os
software
command injection
vulnerability
authentication
local attacker
arbitrary commands
validation
crafted input
cve-2023-20050
privileges
user logged-in
0.0004 Low
EPSS
Percentile
5.2%
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability.
- A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user. (CVE-2023-20050)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED a202ca64cfbe268193afdac4a4c6bb3309ec24bd2ef71d922e13d150f955d81c62d5907d2aed87d1f08d0349f26ba21dae4394fa8f391732319f7020421abc8602da8bb1b8df23eea855a7523bb21d6b00f052bb0d6dc3b2fb17f57bb5a2537a6cf176b52575e3c2a658451fd9aac35f6d8d41ffb6ad37f57fca7603a13bbb4a7be840c02887f408d43a76a5af6fced2db52329935ff13530ac7612a9c4de554231650b0653daed74dbaa7d59cf6dc15c2687c33bd37b8d97528d29f05c6a7485d2e13d72a834928bccc936aff593cbf8909b9f9f8180a86fc4e14a26456b0ffdad50da221692266c548d0c2b29b5d72310baee9696ca3cba78ddfc4686ac1671abf4012ba029cd0e30718c43d3e9ed9dfafa78842736675026caffa6f3121bc8310eefaf57eefc9df9efab067c4588dc85b507a5897c2ff113674bf68ca62b223653f12016e9a83fe812aaa42f4e63051f778664fe06c1e8887de5160cb4ba0f88332ad47f959ec873cbe33f203d209d9f46585c95a305a5779b5fd597c1da7b28b033dc491e61e5484e315a4de1bc91483ec41075f7ce3776892ae72a0fbac295a0242b193afa98bfbba7ad3e798ff7a44faad117482e45d484b1ed84627c53369cfa5dad5bea3b4b85c9f0abffc6335502798b9a753b4492134f3e26e465276e66affea0de988ca0444fdcafca6f5658a840cc93e552b3dcfdc742096bc0d
#TRUST-RSA-SHA256 419ec8c65ed658182ed8eae876f3c127ba4e67e3324a90abcf8f225f34b42d7445aa92e3810e63a5c20adf1de298abdadc4a65d20733548993a73fde884993f2cd6e4206a2979ef907c9e3e38a436965aff9ed94eefa3e8d3cd69eb621c8d854f6b06c54210acf16a6fbc4d30c84f03bc8174c1949d454558401f8b03d8dfe3039209a36f8881a98ca9b6c3b0101fe659765635d7e6f76f7a9995d9773664d781667aeca2eaaa5ce033b5a2dd018a5a936832c0ac289d6a4bbcc4dc2e6738651dce9cba9819516d0daf5d36baed23f704fe89121dfbbc101aea1051e5aaffa7de646a2a171b6e86c7f07810c45586428a6ad4f2c7e9b1a59fdc32af87efaf678e7cf2b3cbe760d736507c1d800b034718378c7840c466a6aafc8912601cc94a758031da6cabb99d9e484fb31fecf4c422f89f9b0355e2e618982ec64f6a3500959610c768310857186f7cbdefeb4f772d4b53505b7926a7e746e757e6902a946fc2bcc17698d2a6098ded4127ffbd2d03995fa21e7a4cb0b8f6bb550b14cd44854d66e7edccaf67fc13f364898cb23f76c9423ac9474908e40855128832ac5b9735c297c1e569570d2e4d8b55ae184f60bd3c70f7af0cf86cc6a6dccbfb37f38c6cb0cb8ec7383a0a600d26471969ec6464cabedd635b3a9d5d53c9ab24fc2eca0442f379e9db392cf9aedd2bf3c276b16d796f3f9e996a2f6b2159d6176133f
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(171838);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/31");
script_cve_id("CVE-2023-20050");
script_xref(name:"CISCO-BUG-ID", value:"CSCwd00653");
script_xref(name:"CISCO-BUG-ID", value:"CSCwd18009");
script_xref(name:"CISCO-BUG-ID", value:"CSCwd18011");
script_xref(name:"CISCO-BUG-ID", value:"CSCwd18012");
script_xref(name:"CISCO-BUG-ID", value:"CSCwd18013");
script_xref(name:"CISCO-SA", value:"cisco-sa-nxos-cli-cmdinject-euQVK9u");
script_xref(name:"IAVA", value:"2023-A-0120");
script_name(english:"Cisco NX-OS Software CLI Comm Injection (cisco-sa-nxos-cli-cmdinject-euQVK9u)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability.
- A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute
arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to
insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit
this vulnerability by including crafted input as the argument of an affected command. A successful exploit
could allow the attacker to execute arbitrary commands on the underlying operating system with the
privileges of the currently logged-in user. (CVE-2023-20050)
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cli-cmdinject-euQVK9u
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c662ba3d");
# https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75057
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?824d6bb6");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd00653");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18009");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18011");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18012");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18013");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwd00653, CSCwd18009, CSCwd18011, CSCwd18012,
CSCwd18013");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-20050");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/22");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/23");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_nxos_version.nasl");
script_require_keys("Host/Cisco/NX-OS/Version", "Host/Cisco/NX-OS/Model", "Host/Cisco/NX-OS/Device");
exit(0);
}
include('ccf.inc');
var product_info = cisco::get_product_info(name:'Cisco NX-OS Software');
if (('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])1[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])3[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])7[0-9]{2,3}") &&
('MDS' >!< product_info.device || product_info.model !~ "^9[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])9[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])5[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])6[0-9]{2,3}"))
audit(AUDIT_HOST_NOT, 'affected');
# Check if installed patch fix listed in Active package list
var show_ver = get_kb_item('Host/Cisco/show_ver');
if (!empty_or_null(show_ver))
{
foreach var patch (['n7000-s2-dk9.8.2.9.CSCwd18011',
'n7700-s2-dk9.8.2.9.CSCwd18011',
'nxos.CSCwd00653-n9k_ALL-1.0.0-9.3.10.lib32_n9000',
'nxos64-cs.CSCwd00653-1.0.0-10.2.4.lib32_64_n9000',
'nxos64-msll.CSCwd00653-1.0.0-10.2.4.lib32_64_n9000'])
{
if (patch >< show_ver)
audit(AUDIT_HOST_NOT, 'affected');
}
}
var version_list = [];
if ('Nexus' >< product_info.device && product_info.model =~ "^1[0-9]{2,3}")
{
version_list = make_list(
'4.2(1)SV1(4)',
'4.2(1)SV1(4a)',
'4.2(1)SV1(4b)',
'4.2(1)SV1(5.1)',
'4.2(1)SV1(5.1a)',
'4.2(1)SV1(5.2)',
'4.2(1)SV1(5.2b)',
'4.2(1)SV2(1.1)',
'4.2(1)SV2(1.1a)',
'4.2(1)SV2(2.1)',
'4.2(1)SV2(2.1a)',
'4.2(1)SV2(2.2)',
'4.2(1)SV2(2.3)',
'5.2(1)SM1(5.1)',
'5.2(1)SM1(5.2)',
'5.2(1)SM1(5.2a)',
'5.2(1)SM1(5.2b)',
'5.2(1)SM1(5.2c)',
'5.2(1)SM3(1.1)',
'5.2(1)SM3(1.1a)',
'5.2(1)SM3(1.1b)',
'5.2(1)SM3(1.1c)',
'5.2(1)SM3(2.1)',
'5.2(1)SV3(1.4)',
'5.2(1)SV3(1.1)',
'5.2(1)SV3(1.3)',
'5.2(1)SV3(1.5a)',
'5.2(1)SV3(1.5b)',
'5.2(1)SV3(1.6)',
'5.2(1)SV3(1.10)',
'5.2(1)SV3(1.15)',
'5.2(1)SV3(2.1)',
'5.2(1)SV3(2.5)',
'5.2(1)SV3(2.8)',
'5.2(1)SV3(3.1)',
'5.2(1)SV3(1.2)',
'5.2(1)SV3(1.4b)',
'5.2(1)SV3(3.15)',
'5.2(1)SV3(4.1)',
'5.2(1)SV3(4.1a)',
'5.2(1)SV3(4.1b)',
'5.2(1)SV3(4.1c)',
'5.2(1)SK3(1.1)',
'5.2(1)SK3(2.1)',
'5.2(1)SK3(2.2)',
'5.2(1)SK3(2.2b)',
'5.2(1)SK3(2.1a)',
'5.2(1)SV5(1.1)',
'5.2(1)SV5(1.2)',
'5.2(1)SV5(1.3)',
'5.2(1)SV5(1.3a)',
'5.2(1)SV5(1.3b)',
'5.2(1)SV5(1.3c)'
);
}
if ('Nexus' >< product_info.device && product_info.model =~ "^3[0-9]{2,3}")
{
version_list = make_list(
'6.0(2)A3(1)',
'6.0(2)A3(2)',
'6.0(2)A3(4)',
'6.0(2)A4(1)',
'6.0(2)A4(2)',
'6.0(2)A4(3)',
'6.0(2)A4(4)',
'6.0(2)A4(5)',
'6.0(2)A4(6)',
'6.0(2)A6(1)',
'6.0(2)A6(1a)',
'6.0(2)A6(2)',
'6.0(2)A6(2a)',
'6.0(2)A6(3)',
'6.0(2)A6(3a)',
'6.0(2)A6(4)',
'6.0(2)A6(4a)',
'6.0(2)A6(5)',
'6.0(2)A6(5a)',
'6.0(2)A6(5b)',
'6.0(2)A6(6)',
'6.0(2)A6(7)',
'6.0(2)A6(8)',
'6.0(2)A7(1)',
'6.0(2)A7(1a)',
'6.0(2)A7(2)',
'6.0(2)A7(2a)',
'6.0(2)A8(1)',
'6.0(2)A8(2)',
'6.0(2)A8(3)',
'6.0(2)A8(4)',
'6.0(2)A8(4a)',
'6.0(2)A8(5)',
'6.0(2)A8(6)',
'6.0(2)A8(7)',
'6.0(2)A8(7a)',
'6.0(2)A8(7b)',
'6.0(2)A8(8)',
'6.0(2)A8(9)',
'6.0(2)A8(10a)',
'6.0(2)A8(10)',
'6.0(2)A8(11)',
'6.0(2)A8(11a)',
'6.0(2)A8(11b)',
'6.0(2)U2(1)',
'6.0(2)U2(2)',
'6.0(2)U2(3)',
'6.0(2)U2(4)',
'6.0(2)U2(5)',
'6.0(2)U2(6)',
'6.0(2)U3(1)',
'6.0(2)U3(2)',
'6.0(2)U3(3)',
'6.0(2)U3(4)',
'6.0(2)U3(5)',
'6.0(2)U3(6)',
'6.0(2)U3(7)',
'6.0(2)U3(8)',
'6.0(2)U3(9)',
'6.0(2)U4(1)',
'6.0(2)U4(2)',
'6.0(2)U4(3)',
'6.0(2)U4(4)',
'6.0(2)U5(1)',
'6.0(2)U5(2)',
'6.0(2)U5(3)',
'6.0(2)U5(4)',
'6.0(2)U6(1)',
'6.0(2)U6(2)',
'6.0(2)U6(3)',
'6.0(2)U6(4)',
'6.0(2)U6(5)',
'6.0(2)U6(6)',
'6.0(2)U6(7)',
'6.0(2)U6(8)',
'6.0(2)U6(1a)',
'6.0(2)U6(2a)',
'6.0(2)U6(3a)',
'6.0(2)U6(4a)',
'6.0(2)U6(5a)',
'6.0(2)U6(5b)',
'6.0(2)U6(5c)',
'6.0(2)U6(9)',
'6.0(2)U6(10)',
'6.0(2)U6(10a)',
'7.0(3)F3(1)',
'7.0(3)F3(2)',
'7.0(3)F3(3)',
'7.0(3)F3(3a)',
'7.0(3)F3(4)',
'7.0(3)F3(3c)',
'7.0(3)F3(5)',
'7.0(3)I2(2a)',
'7.0(3)I2(2b)',
'7.0(3)I2(2c)',
'7.0(3)I2(2d)',
'7.0(3)I2(2e)',
'7.0(3)I2(3)',
'7.0(3)I2(4)',
'7.0(3)I2(5)',
'7.0(3)I2(1)',
'7.0(3)I2(1a)',
'7.0(3)I2(2)',
'7.0(3)I2(2r)',
'7.0(3)I2(2s)',
'7.0(3)I2(2v)',
'7.0(3)I2(2w)',
'7.0(3)I2(2x)',
'7.0(3)I2(2y)',
'7.0(3)I3(1)',
'7.0(3)I4(1)',
'7.0(3)I4(2)',
'7.0(3)I4(3)',
'7.0(3)I4(4)',
'7.0(3)I4(5)',
'7.0(3)I4(6)',
'7.0(3)I4(7)',
'7.0(3)I4(8)',
'7.0(3)I4(8a)',
'7.0(3)I4(8b)',
'7.0(3)I4(8z)',
'7.0(3)I4(1t)',
'7.0(3)I4(6t)',
'7.0(3)I4(9)',
'7.0(3)I5(1)',
'7.0(3)I5(2)',
'7.0(3)I5(3)',
'7.0(3)I5(3a)',
'7.0(3)I5(3b)',
'7.0(3)I6(1)',
'7.0(3)I6(2)',
'7.0(3)I7(1)',
'7.0(3)I7(2)',
'7.0(3)I7(3)',
'7.0(3)I7(4)',
'7.0(3)I7(5)',
'7.0(3)I7(5a)',
'7.0(3)I7(3z)',
'7.0(3)I7(6)',
'7.0(3)I7(6z)',
'7.0(3)I7(7)',
'7.0(3)I7(8)',
'7.0(3)I7(9)',
'7.0(3)I7(9w)',
'7.0(3)I7(10)',
'9.2(1)',
'9.2(2)',
'9.2(2t)',
'9.2(3)',
'9.2(3y)',
'9.2(4)',
'9.2(2v)',
'7.0(3)IC4(4)',
'7.0(3)IM7(2)',
'9.3(1)',
'9.3(2)',
'9.3(3)',
'9.3(4)',
'9.3(5)',
'9.3(6)',
'9.3(7)',
'9.3(7k)',
'9.3(7a)',
'9.3(8)',
'9.3(9)',
'9.3(10)',
'10.1(1)',
'10.1(2)',
'10.1(2t)',
'10.2(1)',
'10.2(2)',
'10.2(3)',
'10.2(3t)',
'10.2(4)',
'10.3(1)'
);
}
if ('Nexus' >< product_info.device && product_info.model =~ "^7[0-9]{2,3}")
{
version_list = make_list(
'6.2(2)',
'6.2(2a)',
'6.2(6)',
'6.2(6b)',
'6.2(8)',
'6.2(8a)',
'6.2(8b)',
'6.2(10)',
'6.2(12)',
'6.2(18)',
'6.2(16)',
'6.2(14b)',
'6.2(14)',
'6.2(14a)',
'6.2(6a)',
'6.2(20)',
'6.2(20a)',
'6.2(22)',
'6.2(24)',
'6.2(24a)',
'6.2(26)',
'7.2(0)D1(1)',
'7.2(1)D1(1)',
'7.2(2)D1(2)',
'7.2(2)D1(1)',
'7.2(2)D1(3)',
'7.2(2)D1(4)',
'7.3(0)D1(1)',
'7.3(0)DX(1)',
'7.3(1)D1(1)',
'7.3(2)D1(1)',
'7.3(2)D1(2)',
'7.3(2)D1(3)',
'7.3(2)D1(3a)',
'7.3(2)D1(1d)',
'8.0(1)',
'8.1(1)',
'8.1(2)',
'8.1(2a)',
'8.2(1)',
'8.2(2)',
'8.2(3)',
'8.2(4)',
'8.2(5)',
'8.2(6)',
'8.2(7)',
'8.2(7a)',
'8.2(8)',
'8.2(9)',
'8.3(1)',
'8.3(2)',
'7.3(3)D1(1)',
'7.3(4)D1(1)',
'8.4(1)',
'8.4(2)',
'8.4(3)',
'8.4(4)',
'8.4(4a)',
'8.4(5)',
'8.4(6)',
'8.4(6a)',
'7.3(5)D1(1)',
'7.3(6)D1(1)',
'7.3(7)D1(1)',
'7.3(8)D1(1)',
'7.3(9)D1(1)'
);
}
if ('MDS' >< product_info.device && product_info.model =~ "^9[0-9]{2,3}")
{
version_list = make_list(
'6.2(1)',
'6.2(3)',
'6.2(5)',
'6.2(5a)',
'6.2(5b)',
'6.2(7)',
'6.2(9)',
'6.2(9a)',
'6.2(9b)',
'6.2(9c)',
'6.2(11)',
'6.2(11b)',
'6.2(11c)',
'6.2(11d)',
'6.2(11e)',
'6.2(13)',
'6.2(13a)',
'6.2(13b)',
'6.2(15)',
'6.2(17)',
'6.2(19)',
'6.2(21)',
'6.2(23)',
'6.2(25)',
'6.2(17a)',
'6.2(27)',
'6.2(29)',
'6.2(31)',
'6.2(33)',
'7.3(0)D1(1)',
'7.3(0)DY(1)',
'7.3(1)D1(1)',
'7.3(1)DY(1)',
'8.1(1)',
'8.1(1a)',
'8.1(1b)',
'8.2(1)',
'8.2(2)',
'8.3(1)',
'8.3(2)',
'9.2(1)',
'9.2(2)',
'9.2(1a)',
'8.4(1)',
'8.4(1a)',
'8.4(2)',
'8.4(2a)',
'8.4(2b)',
'8.4(2c)',
'8.4(2d)',
'8.4(2e)',
'9.3(1)',
'8.5(1)'
);
}
if ('Nexus' >< product_info.device && product_info.model =~ "^9[0-9]{2,3}")
{
version_list = make_list(
'7.0(3)F1(1)',
'7.0(3)F2(1)',
'7.0(3)F2(2)',
'7.0(3)F3(1)',
'7.0(3)F3(3)',
'7.0(3)F3(3a)',
'7.0(3)F3(4)',
'7.0(3)F3(3c)',
'7.0(3)F3(5)',
'7.0(3)I2(2a)',
'7.0(3)I2(2b)',
'7.0(3)I2(2c)',
'7.0(3)I2(2d)',
'7.0(3)I2(2e)',
'7.0(3)I2(3)',
'7.0(3)I2(4)',
'7.0(3)I2(5)',
'7.0(3)I2(1)',
'7.0(3)I2(1a)',
'7.0(3)I2(2)',
'7.0(3)I2(2r)',
'7.0(3)I2(2s)',
'7.0(3)I2(2v)',
'7.0(3)I2(2w)',
'7.0(3)I2(2x)',
'7.0(3)I2(2y)',
'7.0(3)I3(1)',
'7.0(3)I4(1)',
'7.0(3)I4(2)',
'7.0(3)I4(3)',
'7.0(3)I4(4)',
'7.0(3)I4(5)',
'7.0(3)I4(6)',
'7.0(3)I4(7)',
'7.0(3)I4(8)',
'7.0(3)I4(8a)',
'7.0(3)I4(8b)',
'7.0(3)I4(8z)',
'7.0(3)I4(1t)',
'7.0(3)I4(6t)',
'7.0(3)I4(9)',
'7.0(3)I5(1)',
'7.0(3)I5(2)',
'7.0(3)I5(3)',
'7.0(3)I5(3a)',
'7.0(3)I5(3b)',
'7.0(3)I6(1)',
'7.0(3)I6(2)',
'7.0(3)I7(1)',
'7.0(3)I7(2)',
'7.0(3)I7(3)',
'7.0(3)I7(4)',
'7.0(3)I7(5)',
'7.0(3)I7(5a)',
'7.0(3)I7(3z)',
'7.0(3)I7(6)',
'7.0(3)I7(7)',
'7.0(3)I7(8)',
'7.0(3)I7(9)',
'7.0(3)I7(9w)',
'7.0(3)I7(10)',
'9.2(1)',
'9.2(2)',
'9.2(3)',
'9.2(3y)',
'9.2(4)',
'7.0(3)IA7(1)',
'7.0(3)IA7(2)',
'7.0(3)IC4(4)',
'7.0(3)IM3(1)',
'7.0(3)IM3(2)',
'7.0(3)IM3(2a)',
'7.0(3)IM3(2b)',
'7.0(3)IM3(3)',
'9.3(1)',
'9.3(2)',
'9.3(3)',
'9.3(1z)',
'9.3(4)',
'9.3(5)',
'9.3(6)',
'9.3(5w)',
'9.3(7)',
'9.3(7k)',
'9.3(7a)',
'9.3(8)',
'9.3(9)',
'9.3(10)',
'10.1(1)',
'10.1(2)',
'10.2(1)',
'10.2(1q)',
'10.2(2)',
'10.2(3)',
'10.2(2a)',
'10.2(3t)',
'10.2(4)',
'10.3(1)'
);
}
if ('Nexus' >< product_info.device && product_info.model =~ "^5[0-9]{2,3}")
{
version_list = make_list(
'7.1(0)N1(1a)',
'7.1(0)N1(1b)',
'7.1(0)N1(1)',
'7.1(1)N1(1)',
'7.1(1)N1(1a)',
'7.1(2)N1(1)',
'7.1(2)N1(1a)',
'7.1(3)N1(1)',
'7.1(3)N1(2)',
'7.1(3)N1(5)',
'7.1(3)N1(4)',
'7.1(3)N1(3)',
'7.1(3)N1(2a)',
'7.1(4)N1(1)',
'7.1(4)N1(1d)',
'7.1(4)N1(1c)',
'7.1(4)N1(1a)',
'7.1(5)N1(1)',
'7.1(5)N1(1b)',
'7.3(0)N1(1)',
'7.3(0)N1(1b)',
'7.3(0)N1(1a)',
'7.3(1)N1(1)',
'7.3(2)N1(1)',
'7.3(2)N1(1b)',
'7.3(2)N1(1c)',
'7.3(3)N1(1)',
'7.3(4)N1(1)',
'7.3(4)N1(1a)',
'7.3(5)N1(1)',
'7.3(6)N1(1)',
'7.3(6)N1(1a)',
'7.3(7)N1(1)',
'7.3(7)N1(1a)',
'7.3(7)N1(1b)',
'7.3(8)N1(1)',
'7.3(8)N1(1a)',
'7.3(8)N1(1b)',
'7.3(9)N1(1)',
'7.3(10)N1(1)',
'7.3(11)N1(1)',
'7.3(11)N1(1a)',
'7.3(12)N1(1)'
);
}
if ('Nexus' >< product_info.device && product_info.model =~ "^6[0-9]{2,3}")
{
version_list = make_list(
'7.1(0)N1(1a)',
'7.1(0)N1(1b)',
'7.1(0)N1(1)',
'7.1(1)N1(1)',
'7.1(1)N1(1a)',
'7.1(2)N1(1)',
'7.1(2)N1(1a)',
'7.1(3)N1(1)',
'7.1(3)N1(2)',
'7.1(3)N1(5)',
'7.1(3)N1(4)',
'7.1(3)N1(3)',
'7.1(3)N1(2a)',
'7.1(4)N1(1)',
'7.1(4)N1(1d)',
'7.1(4)N1(1c)',
'7.1(4)N1(1a)',
'7.1(5)N1(1)',
'7.1(5)N1(1b)',
'7.3(0)N1(1)',
'7.3(0)N1(1b)',
'7.3(0)N1(1a)',
'7.3(1)N1(1)',
'7.3(2)N1(1)',
'7.3(2)N1(1b)',
'7.3(2)N1(1c)',
'7.3(3)N1(1)',
'7.3(4)N1(1)',
'7.3(4)N1(1a)',
'7.3(5)N1(1)',
'7.3(6)N1(1)',
'7.3(6)N1(1a)',
'7.3(7)N1(1)',
'7.3(7)N1(1a)',
'7.3(7)N1(1b)',
'7.3(8)N1(1)',
'7.3(8)N1(1a)',
'7.3(8)N1(1b)',
'7.3(9)N1(1)',
'7.3(10)N1(1)',
'7.3(11)N1(1)',
'7.3(11)N1(1a)',
'7.3(12)N1(1)'
);
}
var reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCwd00653, CSCwd18009, CSCwd18011, CSCwd18012, CSCwd18013',
'disable_caveat', TRUE
);
cisco::check_and_report(
product_info:product_info,
reporting:reporting,
vuln_versions:version_list
);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20050
www.nessus.org/u?824d6bb6
www.nessus.org/u?c662ba3d
bst.cloudapps.cisco.com/bugsearch/bug/CSCwd00653
bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18009
bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18011
bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18012
bst.cloudapps.cisco.com/bugsearch/bug/CSCwd18013
Related
nessus
nessus
Cisco NX-OS Software CLI Command Injection (CVE-2023-20050)
2023-07-25 00:00:00
cvelist
cvelist
CVE-2023-20050 Cisco NX-OS Software CLI Command Injection Vulnerability
2023-02-23 00:00:00
prion
prion
Input validation
2023-02-23 20:15:00
cve
cve
CVE-2023-20050
2023-02-23 20:15:13
nvd
nvd
CVE-2023-20050
2023-02-23 20:15:13
cisco
cisco
Cisco NX-OS Software CLI Command Injection Vulnerability
2023-02-22 16:00:00