Lucene search

[email protected]NVD:CVE-2023-20065

HistoryMar 23, 2023 - 5:15 p.m.

CVE-2023-20065

2023-03-2317:15:14

CWE-284

[email protected]

web.nvd.nist.gov

cisco iox

vulnerability

elevate privileges

root

local attacker

cisco ios xe software

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device.

This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Affected configurations

NVD

Node

ciscoios_xeMatch17.6.3

ciscoios_xeMatch17.11.1

AND

cisco1000_integrated_services_routerMatch-

cisco1100-4g_integrated_services_routerMatch-

cisco1100-4p_integrated_services_routerMatch-

cisco1100-6g_integrated_services_routerMatch-

cisco1100-8p_integrated_services_routerMatch-

cisco1100_integrated_services_routerMatch-

cisco1101-4p_integrated_services_routerMatch-

cisco1101_integrated_services_routerMatch-

cisco1109-2p_integrated_services_routerMatch-

cisco1109-4p_integrated_services_routerMatch-

cisco1109_integrated_services_routerMatch-

cisco1111x-8p_integrated_services_routerMatch-

cisco1111x_integrated_services_routerMatch-

cisco111x_integrated_services_routerMatch-

cisco1120_integrated_services_routerMatch-

cisco1131_integrated_services_routerMatch-

cisco1160_integrated_services_routerMatch-

cisco4000_integrated_services_routerMatch-

cisco4221_integrated_services_routerMatch-

cisco4321_integrated_services_routerMatch-

cisco4331_integrated_services_routerMatch-

cisco4351_integrated_services_routerMatch-

cisco4431_integrated_services_routerMatch-

cisco4451-x_integrated_services_routerMatch-

cisco4451_integrated_services_routerMatch-

cisco4461_integrated_services_routerMatch-

cisco8101-32fhMatch-

cisco8101-32hMatch-

cisco8102-64hMatch-

cisco8201Match-

cisco8201-32fhMatch-

cisco8202Match-

cisco8800_12-slotMatch-

cisco8800_18-slotMatch-

cisco8800_4-slotMatch-

cisco8800_8-slotMatch-

cisco8804Match-

cisco8808Match-

cisco8812Match-

cisco8818Match-

cisco8831Match-

cisco9800-40Match-

cisco9800-80Match-

cisco9800-clMatch-

cisco9800-lMatch-

ciscoasr_1000Match-

ciscoasr_1000-esp100Match-

ciscoasr_1000-esp100-xMatch-

ciscoasr_1000-esp200-xMatch-

ciscoasr_1001Match-

ciscoasr_1001-hxMatch-

ciscoasr_1001-hx_rMatch-

ciscoasr_1001-xMatch-

ciscoasr_1001-x_rMatch-

ciscoasr_1002Match-

ciscoasr_1002-hxMatch-

ciscoasr_1002-hx_rMatch-

ciscoasr_1002-xMatch-

ciscoasr_1002-x_rMatch-

ciscoasr_1004Match-

ciscoasr_1006Match-

ciscoasr_1006-xMatch-

ciscoasr_1009-xMatch-

ciscoasr_1013Match-

ciscoasr_1023Match-

ciscoasr_900Match-

ciscoasr_9000Match-

ciscoasr_9000vMatch-

ciscoasr_9000vMatchv2

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_901-12c-f-dMatch-

ciscoasr_901-12c-ft-dMatch-

ciscoasr_901-4c-f-dMatch-

ciscoasr_901-4c-ft-dMatch-

ciscoasr_901-6cz-f-aMatch-

ciscoasr_901-6cz-f-dMatch-

ciscoasr_901-6cz-fs-aMatch-

ciscoasr_901-6cz-fs-dMatch-

ciscoasr_901-6cz-ft-aMatch-

ciscoasr_901-6cz-ft-dMatch-

ciscoasr_9010Match-

ciscoasr_901s-2sg-f-ahMatch-

ciscoasr_901s-2sg-f-dMatch-

ciscoasr_901s-3sg-f-ahMatch-

ciscoasr_901s-3sg-f-dMatch-

ciscoasr_901s-4sg-f-dMatch-

ciscoasr_902Match-

ciscoasr_902uMatch-

ciscoasr_903Match-

ciscoasr_907Match-

ciscoasr_914Match-

ciscoasr_920-10sz-pdMatch-

ciscoasr_920-10sz-pd_rMatch-

ciscoasr_920-12cz-aMatch-

ciscoasr_920-12cz-a_rMatch-

ciscoasr_920-12cz-dMatch-

ciscoasr_920-12cz-d_rMatch-

ciscoasr_920-12sz-imMatch-

ciscoasr_920-12sz-im_rMatch-

ciscoasr_920-24sz-imMatch-

ciscoasr_920-24sz-im_rMatch-

ciscoasr_920-24sz-mMatch-

ciscoasr_920-24sz-m_rMatch-

ciscoasr_920-24tz-mMatch-

ciscoasr_920-24tz-m_rMatch-

ciscoasr_920-4sz-aMatch-

ciscoasr_920-4sz-a_rMatch-

ciscoasr_920-4sz-dMatch-

ciscoasr_920-4sz-d_rMatch-

ciscoasr_920u-12sz-imMatch-

ciscoasr_9901Match-

ciscoasr_9902Match-

ciscoasr_9903Match-

ciscoasr_9904Match-

ciscoasr_9906Match-

ciscoasr_9910Match-

ciscoasr_9912Match-

ciscoasr_9920Match-

ciscoasr_9922Match-

ciscocatalyst_3850Match-

ciscocatalyst_3850-12s-eMatch-

ciscocatalyst_3850-12s-sMatch-

ciscocatalyst_3850-12x48uMatch-

ciscocatalyst_3850-12xs-eMatch-

ciscocatalyst_3850-12xs-sMatch-

ciscocatalyst_3850-16xs-eMatch-

ciscocatalyst_3850-16xs-sMatch-

ciscocatalyst_3850-24p-eMatch-

ciscocatalyst_3850-24p-lMatch-

ciscocatalyst_3850-24p-sMatch-

ciscocatalyst_3850-24pw-sMatch-

ciscocatalyst_3850-24s-eMatch-

ciscocatalyst_3850-24s-sMatch-

ciscocatalyst_3850-24t-eMatch-

ciscocatalyst_3850-24t-lMatch-

ciscocatalyst_3850-24t-sMatch-

ciscocatalyst_3850-24uMatch-

ciscocatalyst_3850-24u-eMatch-

ciscocatalyst_3850-24u-lMatch-

ciscocatalyst_3850-24u-sMatch-

ciscocatalyst_3850-24xsMatch-

ciscocatalyst_3850-24xs-eMatch-

ciscocatalyst_3850-24xs-sMatch-

ciscocatalyst_3850-24xuMatch-

ciscocatalyst_3850-24xu-eMatch-

ciscocatalyst_3850-24xu-lMatch-

ciscocatalyst_3850-24xu-sMatch-

ciscocatalyst_3850-32xs-eMatch-

ciscocatalyst_3850-32xs-sMatch-

ciscocatalyst_3850-48f-eMatch-

ciscocatalyst_3850-48f-lMatch-

ciscocatalyst_3850-48f-sMatch-

ciscocatalyst_3850-48p-eMatch-

ciscocatalyst_3850-48p-lMatch-

ciscocatalyst_3850-48p-sMatch-

ciscocatalyst_3850-48pw-sMatch-

ciscocatalyst_3850-48t-eMatch-

ciscocatalyst_3850-48t-lMatch-

ciscocatalyst_3850-48t-sMatch-

ciscocatalyst_3850-48uMatch-

ciscocatalyst_3850-48u-eMatch-

ciscocatalyst_3850-48u-lMatch-

ciscocatalyst_3850-48u-sMatch-

ciscocatalyst_3850-48xsMatch-

ciscocatalyst_3850-48xs-eMatch-

ciscocatalyst_3850-48xs-f-eMatch-

ciscocatalyst_3850-48xs-f-sMatch-

ciscocatalyst_3850-48xs-sMatch-

ciscocatalyst_3850-nm-2-40gMatch-

ciscocatalyst_3850-nm-8-10gMatch-

ciscocatalyst_8200Match-

ciscocatalyst_8300Match-

ciscocatalyst_8300-1n1s-4t2xMatch-

ciscocatalyst_8300-1n1s-6tMatch-

ciscocatalyst_8300-2n2s-4t2xMatch-

ciscocatalyst_8300-2n2s-6tMatch-

ciscocatalyst_8500Match-

ciscocatalyst_8500-4qcMatch-

ciscocatalyst_8500lMatch-

ciscocatalyst_8510csrMatch-

ciscocatalyst_8510msrMatch-

ciscocatalyst_8540csrMatch-

ciscocatalyst_8540msrMatch-

ciscocatalyst_9200Match-

ciscocatalyst_9200cxMatch-

ciscocatalyst_9200lMatch-

ciscocatalyst_9300Match-

ciscocatalyst_9300-24p-aMatch-

ciscocatalyst_9300-24p-eMatch-

ciscocatalyst_9300-24s-aMatch-

ciscocatalyst_9300-24s-eMatch-

ciscocatalyst_9300-24t-aMatch-

ciscocatalyst_9300-24t-eMatch-

ciscocatalyst_9300-24u-aMatch-

ciscocatalyst_9300-24u-eMatch-

ciscocatalyst_9300-24ux-aMatch-

ciscocatalyst_9300-24ux-eMatch-

ciscocatalyst_9300-48p-aMatch-

ciscocatalyst_9300-48p-eMatch-

ciscocatalyst_9300-48s-aMatch-

ciscocatalyst_9300-48s-eMatch-

ciscocatalyst_9300-48t-aMatch-

ciscocatalyst_9300-48t-eMatch-

ciscocatalyst_9300-48u-aMatch-

ciscocatalyst_9300-48u-eMatch-

ciscocatalyst_9300-48un-aMatch-

ciscocatalyst_9300-48un-eMatch-

ciscocatalyst_9300-48uxm-aMatch-

ciscocatalyst_9300-48uxm-eMatch-

ciscocatalyst_9300lMatch-

ciscocatalyst_9300l-24p-4g-aMatch-

ciscocatalyst_9300l-24p-4g-eMatch-

ciscocatalyst_9300l-24p-4x-aMatch-

ciscocatalyst_9300l-24p-4x-eMatch-

ciscocatalyst_9300l-24t-4g-aMatch-

ciscocatalyst_9300l-24t-4g-eMatch-

ciscocatalyst_9300l-24t-4x-aMatch-

ciscocatalyst_9300l-24t-4x-eMatch-

ciscocatalyst_9300l-48p-4g-aMatch-

ciscocatalyst_9300l-48p-4g-eMatch-

ciscocatalyst_9300l-48p-4x-aMatch-

ciscocatalyst_9300l-48p-4x-eMatch-

ciscocatalyst_9300l-48t-4g-aMatch-

ciscocatalyst_9300l-48t-4g-eMatch-

ciscocatalyst_9300l-48t-4x-aMatch-

ciscocatalyst_9300l-48t-4x-eMatch-

ciscocatalyst_9300l_stackMatch-

ciscocatalyst_9300lmMatch-

ciscocatalyst_9300xMatch-

ciscocatalyst_9400Match-

ciscocatalyst_9400_supervisor_engine-1Match-

ciscocatalyst_9407rMatch-

ciscocatalyst_9410rMatch-

ciscocatalyst_9500Match-

ciscocatalyst_9500hMatch-

ciscocatalyst_9600Match-

ciscocatalyst_9600_supervisor_engine-1Match-

ciscocatalyst_9600xMatch-

ciscocatalyst_9800Match-

ciscocatalyst_9800-40Match-

ciscocatalyst_9800-40_wireless_controllerMatch-

ciscocatalyst_9800-80Match-

ciscocatalyst_9800-80_wireless_controllerMatch-

ciscocatalyst_9800-clMatch-

ciscocatalyst_9800-lMatch-

ciscocatalyst_9800-l-cMatch-

ciscocatalyst_9800-l-fMatch-

ciscocatalyst_9800_embedded_wireless_controllerMatch-

ciscocatalyst_ie3200Match-

ciscocatalyst_ie3200_rugged_switchMatch-

ciscocatalyst_ie3300Match-

ciscocatalyst_ie3300_rugged_switchMatch-

ciscocatalyst_ie3400Match-

ciscocatalyst_ie3400_heavy_duty_switchMatch-

ciscocatalyst_ie3400_rugged_switchMatch-

ciscocatalyst_ie9300Match-

ciscocbr-8Match-

ciscocg418-eMatch-

ciscocg522-eMatch-

ciscoesr6300Match-

ciscoess-3300-24t-con-aMatch-

ciscoess-3300-24t-con-eMatch-

ciscoess-3300-24t-ncp-aMatch-

ciscoess-3300-24t-ncp-eMatch-

ciscoess-3300-con-aMatch-

ciscoess-3300-con-eMatch-

ciscoess-3300-ncp-aMatch-

ciscoess-3300-ncp-eMatch-

ciscoess9300-10x-eMatch-

ciscointegrated_services_virtual_routerMatch-

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-20065

cisco1 prion1 nessus1 cve1 cvelist1