Lucene search

[email protected]NVD:CVE-2023-20266

HistoryAug 30, 2023 - 5:15 p.m.

CVE-2023-20266

2023-08-3017:15:08

CWE-269

CWE-347

[email protected]

web.nvd.nist.gov

cisco

emergency responder

unified communications manager

unity connection

privilege escalation

authenticated

remote attacker

file restriction

upgrade

platform administrator credentials

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

47.0%

JSON

A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device.

This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device.

Affected configurations

Nvd

Node

ciscoemergency_responderMatch12.5.1su4

ciscoemergency_responderMatch12.5.1su8a

ciscoemergency_responderMatch14su3

ciscounified_communications_managerMatch12.5.1su8-

ciscounified_communications_managerMatch12.5.1su8session_management

ciscounity_connectionMatch12.5\(1\)su6

ciscounity_connectionMatch12.5\(1\)su7

ciscounity_connectionMatch12.5\(1\)su8

ciscounity_connectionMatch14su2

ciscounity_connectionMatch14su3

VendorProductVersionCPE
ciscoemergency_responder12.5.1su4cpe:2.3:a:cisco:emergency_responder:12.5.1su4:*:*:*:*:*:*:*
ciscoemergency_responder12.5.1su8acpe:2.3:a:cisco:emergency_responder:12.5.1su8a:*:*:*:*:*:*:*
ciscoemergency_responder14su3cpe:2.3:a:cisco:emergency_responder:14su3:*:*:*:*:*:*:*
ciscounified_communications_manager12.5.1su8cpe:2.3:a:cisco:unified_communications_manager:12.5.1su8:*:*:*:-:*:*:*
ciscounified_communications_manager12.5.1su8cpe:2.3:a:cisco:unified_communications_manager:12.5.1su8:*:*:*:session_management:*:*:*
ciscounity_connection12.5(1)su6cpe:2.3:a:cisco:unity_connection:12.5\(1\)su6:*:*:*:*:*:*:*
ciscounity_connection12.5(1)su7cpe:2.3:a:cisco:unity_connection:12.5\(1\)su7:*:*:*:*:*:*:*
ciscounity_connection12.5(1)su8cpe:2.3:a:cisco:unity_connection:12.5\(1\)su8:*:*:*:*:*:*:*
ciscounity_connection14su2cpe:2.3:a:cisco:unity_connection:14su2:*:*:*:*:*:*:*
ciscounity_connection14su3cpe:2.3:a:cisco:unity_connection:14su3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	emergency_responder	12.5.1su4	cpe:2.3:a:cisco:emergency_responder:12.5.1su4:::::::*
cisco	emergency_responder	12.5.1su8a	cpe:2.3:a:cisco:emergency_responder:12.5.1su8a:::::::*
cisco	emergency_responder	14su3	cpe:2.3:a:cisco:emergency_responder:14su3:::::::*
cisco	unified_communications_manager	12.5.1su8	cpe:2.3:a:cisco:unified_communications_manager:12.5.1su8::::-:::
cisco	unified_communications_manager	12.5.1su8	cpe:2.3:a:cisco:unified_communications_manager:12.5.1su8::::session_management:::
cisco	unity_connection	12.5(1)su6	cpe:2.3:a:cisco:unity_connection:12.5\(1\)su6:::::::*
cisco	unity_connection	12.5(1)su7	cpe:2.3:a:cisco:unity_connection:12.5\(1\)su7:::::::*
cisco	unity_connection	12.5(1)su8	cpe:2.3:a:cisco:unity_connection:12.5\(1\)su8:::::::*
cisco	unity_connection	14su2	cpe:2.3:a:cisco:unity_connection:14su2:::::::*
cisco	unity_connection	14su3	cpe:2.3:a:cisco:unity_connection:14su3:::::::*