4 matches found
CVE-2023-20186
A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy...
Cisco IOS Software Command Authorization Bypass (cisco-sa-aaascp-Tyj4fEJm)
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Authentication, Authorization, and Accounting AAA feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and co...
CVE-2023-20186
creationtimestamp| type| source ---|---|--- 2023-09-27 22:36:03+00:00| seen| https://t.me/cibsecurity/71139...
CVE-2023-20186
Cisco IOS/IOS XE has a vulnerability in the AAA features that can allow an authenticated attacker with level 15 privileges to bypass command authorization and use SCP to copy files to or from the device. The root cause is incorrect SCP command processing within AAA authorization checks, enabling ...