Lucene search

[email protected]NVD:CVE-2023-20236

HistorySep 13, 2023 - 5:15 p.m.

CVE-2023-20236

2023-09-1317:15:09

CWE-345

CWE-347

[email protected]

web.nvd.nist.gov

ipxe boot function

cisco ios xr software

authenticated attacker

local attacker

unverified software image

insufficient image verification

boot parameters manipulation

exploit

unauthorized software installation

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

High

EPSS

Percentile

5.1%

JSON

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.

This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.

Affected configurations

Nvd

Node

ciscoios_xrRange<7.10.1

AND

cisco8201Match-

cisco8202Match-

cisco8208Match-

cisco8212Match-

cisco8218Match-

cisco8804Match-

cisco8808Match-

cisco8812Match-

cisco8818Match-

cisco8831Match-

ciscoasr_9000Match-

ciscoasr_9000vMatch-

ciscoasr_9001Match-

ciscoasr_9006Match-

ciscoasr_9010Match-

ciscoasr_9901Match-

ciscoasr_9902Match-

ciscoasr_9903Match-

ciscoasr_9904Match-

ciscoasr_9906Match-

ciscoasr_9910Match-

ciscoasr_9912Match-

ciscoasr_9920Match-

ciscoasr_9922Match-

cisconcs_1001Match-

cisconcs_1002Match-

cisconcs_1004Match-

cisconcs_4009Match-

cisconcs_4016Match-

cisconcs_4201Match-

cisconcs_4202Match-

cisconcs_4206Match-

cisconcs_4216Match-

cisconcs_5001Match-

cisconcs_5002Match-

cisconcs_5011Match-

cisconcs_540Match-

cisconcs_5500Match-

cisconcs_5501Match-

cisconcs_5501Matchse

cisconcs_5502Match-

cisconcs_5502Matchse

cisconcs_5504Match-

cisconcs_5508Match-

cisconcs_5516Match-

cisconcs_560Match-

cisconcs_560-4Match-

cisconcs_560-7Match-

cisconcs_57b1-5dse-sysMatch-

cisconcs_57b1-6d24-sysMatch-

cisconcs_57c1-48q6-sysMatch-

cisconcs_57c3-mod-sysMatch-

cisconcs_57c3-mods-sysMatch-

VendorProductVersionCPE
ciscoios_xr*cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
cisco8201-cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*
cisco8202-cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*
cisco8208-cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*
cisco8212-cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*
cisco8218-cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*
cisco8804-cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*
cisco8808-cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*
cisco8812-cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*
cisco8818-cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	*	cpe:2.3:o:cisco:ios_xr::::::::
cisco	8201	-	cpe:2.3:h:cisco:8201:-:::::::*
cisco	8202	-	cpe:2.3:h:cisco:8202:-:::::::*
cisco	8208	-	cpe:2.3:h:cisco:8208:-:::::::*
cisco	8212	-	cpe:2.3:h:cisco:8212:-:::::::*
cisco	8218	-	cpe:2.3:h:cisco:8218:-:::::::*
cisco	8804	-	cpe:2.3:h:cisco:8804:-:::::::*
cisco	8808	-	cpe:2.3:h:cisco:8808:-:::::::*
cisco	8812	-	cpe:2.3:h:cisco:8812:-:::::::*
cisco	8818	-	cpe:2.3:h:cisco:8818:-:::::::*