All the vulnerabilites related to cisco - 809_industrial_integrated_services_router
cve-2021-1460
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:03:18.333086Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:34:03.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-24T20:06:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-dos-4Fgcjh6",
        "defect": [
          [
            "CSCvt74967",
            "CSCvu19405",
            "CSCvv02734",
            "CSCvv02834"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Framework  Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-03-24T16:00:00",
          "ID": "CVE-2021-1460",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOx Application Framework  Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iox-dos-4Fgcjh6",
          "defect": [
            [
              "CSCvt74967",
              "CSCvu19405",
              "CSCvv02734",
              "CSCvv02834"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1460",
    "datePublished": "2021-03-24T20:06:50.388114Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:34:03.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0163
Vulnerability from cvelistv5
Published
2018-03-28 22:00
Modified
2024-12-02 20:54
Severity ?
Summary
A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.
References
http://www.securityfocus.com/bid/103571vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1xx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.957Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "103571",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103571"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0163",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T18:54:20.403835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T20:54:54.828Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS"
            }
          ]
        }
      ],
      "datePublic": "2018-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-03T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "103571",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103571"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0163",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "103571",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103571"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0163",
    "datePublished": "2018-03-28T22:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T20:54:54.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3426
Vulnerability from cvelistv5
Published
2020-09-24 18:01
Modified
2024-11-13 17:56
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRAvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.415Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200924 Cisco IOS Software for Cisco Industrial Routers  Virtual-LPWA  Unauthorized Access Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3426",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:43.554572Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:56:53.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS 15.2(6)E4",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T18:01:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200924 Cisco IOS Software for Cisco Industrial Routers  Virtual-LPWA  Unauthorized Access Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ios-lpwa-access-cXsD7PRA",
        "defect": [
          [
            "CSCvr53526"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS Software for Cisco Industrial Routers  Virtual-LPWA  Unauthorized Access Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-09-24T16:00:00",
          "ID": "CVE-2020-3426",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS Software for Cisco Industrial Routers  Virtual-LPWA  Unauthorized Access Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS 15.2(6)E4",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200924 Cisco IOS Software for Cisco Industrial Routers  Virtual-LPWA  Unauthorized Access Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ios-lpwa-access-cXsD7PRA",
          "defect": [
            [
              "CSCvr53526"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3426",
    "datePublished": "2020-09-24T18:01:14.219272Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T17:56:53.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20076
Vulnerability from cvelistv5
Published
2023-02-12 00:00
Modified
2024-10-28 16:34
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20076",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T16:19:27.545112Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T16:34:17.566Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-02-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-233",
              "description": "CWE-233",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-05T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-8whGn5dL",
        "defect": [
          [
            "CSCwc66882"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Hosting Environment Command Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20076",
    "datePublished": "2023-02-12T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-28T16:34:17.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2018-03-28 22:29
Modified
2024-11-21 03:37
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/103571Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1xVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103571Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1xVendor Advisory
Impacted products
Vendor Product Version
cisco ios 15.4\(3\)m6
cisco ios 15.4\(3\)m6a
cisco ios 15.4\(3\)m7
cisco ios 15.4\(3\)m7a
cisco ios 15.4\(3\)m8
cisco ios 15.4\(3.0i\)m6
cisco ios 15.5\(3\)m3
cisco ios 15.5\(3\)m4
cisco ios 15.5\(3\)m4a
cisco ios 15.5\(3\)m4b
cisco ios 15.5\(3\)m4c
cisco ios 15.5\(3\)m5
cisco ios 15.5\(3\)m5a
cisco ios 15.5\(3\)m6
cisco ios 15.5\(3\)m6a
cisco ios 15.6\(1\)t2
cisco ios 15.6\(1\)t3
cisco ios 15.6\(2\)t1
cisco ios 15.6\(2\)t2
cisco ios 15.6\(2\)t3
cisco ios 15.6\(3\)m
cisco ios 15.6\(3\)m0a
cisco ios 15.6\(3\)m1
cisco ios 15.6\(3\)m1a
cisco ios 15.6\(3\)m1b
cisco ios 15.6\(3\)m2
cisco ios 15.6\(3\)m2a
cisco ios 15.6\(3\)m3
cisco ios 15.6\(3\)m3a
cisco ios 15.7\(3\)m
cisco ios 15.7\(3\)m0a
cisco ios 15.7\(3\)m1
cisco ios 15.7\(3\)m2
cisco 1120_connected_grid_router -
cisco 1240_connected_grid_router -
cisco 1905_serial_integrated_services_router -
cisco 1906c_integrated_services_router -
cisco 1921_integrated_services_router -
cisco 1941_integrated_services_router -
cisco 1941w_integrated_services_router -
cisco 2010_connected_grid_router -
cisco 2901_integrated_services_router -
cisco 2911_integrated_services_router -
cisco 2911a_integrated_services_router -
cisco 2921_integrated_services_router -
cisco 2951_integrated_services_router -
cisco 3925_integrated_services_router -
cisco 3925e_integrated_services_router -
cisco 3945_integrated_services_router -
cisco 3945e_integrated_services_router -
cisco 5915_embedded_service_router -
cisco 5921_embedded_services_router -
cisco 5940_embedded_services_router -
cisco 800_series_routers -
cisco 800m_integrated_services_router -
cisco 809_industrial_integrated_services_router -
cisco 812_3g_integrated_services_router -
cisco 812_cifi_integrated_services_router -
cisco 819_hardened_3g -
cisco 819_hardened_dual_radio_802.11n_wifi_integrated_services_router -
cisco 819_hardened_integrated_services_router -
cisco 819_integrated_services_router -
cisco 819_non-hardened_4g_lte_m2m -
cisco 819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router -
cisco 829_industrial_integrated_services_router -
cisco 860vae-w_integrated_services_router -
cisco 861_integrated_services_router -
cisco 861w_integrated_services_router -
cisco 866vae_integrated_services_router -
cisco 867vae_integrated_services_router -
cisco 880-voice_integrated_services_router -
cisco 881-cube_integrated_services_router -
cisco 881_3g -
cisco 881_3g_integrated_services_router -
cisco 881_secure_fast_ethernet -
cisco 881w_integrated_services_router -
cisco 886va-cube_integrated_services_router -
cisco 886va-w_integrated_services_router -
cisco 886va_integrated_services_router -
cisco 886vag_3g_integrated_services_router -
cisco 887_multi-mode_vdsl2\/asdl2\+_pots -
cisco 887va-cube_integrated_services_router -
cisco 887va-w_integrated_services_router -
cisco 887va_integrated_services_router -
cisco 887vag_3g_integrated_services_router -
cisco 887vagw_3g -
cisco 887vam-w_integrated_services_router -
cisco 887vamg_3g_integrated_services_router -
cisco 888-cube_integrated_services_router -
cisco 888_integrated_services_router -
cisco 888e-cube_integrated_services_router -
cisco 888e_integrated_services_router -
cisco 888eg_3g_integrated_services_router -
cisco 888w_integrated_services_router -
cisco 891-24x_integrated_services_router -
cisco 891_integrated_services_router -
cisco 891w_integrated_services_router -
cisco 892_integrated_services_router -
cisco 892f-cube_integrated_services_router -
cisco 892w_integrated_services_router -
cisco 896_multi-mode_vdsl2\/adsl2\+_isdn -
cisco 897_multi-mode_vdsl2\/adsl2\+_pots -
cisco 897_multi-mode_vdsl2\/adsl2\+_pots_annex_m -
cisco 898_secure_g.shdsl_efm\/atm -
cisco c866vae_integrated_services_router -
cisco c867vae_integrated_services_router -
cisco c881_integrated_services_router -
cisco c881w_integrated_services_router -
cisco c886va_integrated_services_routers -
cisco c886vaj_integrated_services_router -
cisco c887va_integrated_services_routers -
cisco c887vam_integrated_services_routers -
cisco c888_integrated_services_router -
cisco c888ea_integrated_services_router -
cisco c891f_integrated_services_routers -
cisco c891fw_integrated_services_router -
cisco c892fsp_integrated_services_router -
cisco c896va_integrated_services_router -
cisco c897va-m_integrated_services_router -
cisco c897va_integrated_services_router -
cisco c897vam-w_integrated_services_router -
cisco c897vaw_integrated_services_router -
cisco c898ea_integrated_services_router -
cisco c899_secure_gigabit_ethernet -
cisco vg204xm_analog_voice_gateway -
cisco vg350_analog_voice_gateway -
cisco vg3x0_analog_voice_gateway -
rockwellautomation stratix_5900 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "005EAD76-34BE-4E3F-8840-23F613661FE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2595B3E3-7FD4-4EFF-98A2-89156A657A0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB998A1F-BAEA-4B8F-BE49-1C282ED3952E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A55379B7-2787-4BE6-8960-204C074F4CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3\\)m8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AABDAB3-6329-48CF-BB49-DA2046AB9048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.4\\(3.0i\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3741E4BA-E70B-4571-8D80-76E16764BAA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09CD336D-1110-4B0C-B8D4-7C96293CBADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C580D9-A2EC-4CBB-87F5-1F5CBA23F73F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C427BA8-3A8C-4934-997B-6DDF9CEB96AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "90950C85-D631-4F60-AB3E-3ED1D74D56B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m4c:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD79CA0D-7D90-4955-969A-C25873B0B9D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7809674-4738-463E-B522-FC6C419E2A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBF3D5CF-5352-4CEA-865C-62CBB79778FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFD51F00-C219-439F-918E-9AF20A6E053A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.5\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BCB671-7ED0-43D5-894F-8B3DBF44E68E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E71F49D-E405-4AB4-9188-DA7B338DFD7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "204B0A52-F6AB-406B-B46D-E92F2D7D87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBF8B70-DFBE-4F6E-83F0-171F03E97606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA55D660-66C6-4278-8C27-25DB2712CC1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5609B342-D98E-4850-A0FE-810699A80A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "8320F23D-F6BE-405B-B645-1CEB984E8267",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7C5C705-6A8C-4834-9D24-CFE26A232C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "691BA27E-77AB-4A30-916D-3BB916B05298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC270E40-CABA-44B4-B4DD-E9C47A97770B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC1DB8C1-7F7D-4562-A317-87E925CAD524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1887D9-E339-4DC6-BE24-A5FF15438B2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB2645F-C3BF-458F-9D07-6D66E1953730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2A434E7-B27C-4663-BE83-39A650D22D26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C106CF-CBD3-4630-8E77-EDB1643F97E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1905_serial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13B293D3-4CF0-4FDA-B70D-371F54BF1F67",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2147DBF8-B733-4F76-90C5-9D94F1E93625",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9222CA59-F4FD-478D-83C9-566B389140B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2010_connected_grid_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65652B80-3B0D-4DCA-A57F-DF473CE80561",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2901_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3EA062-2C68-49C8-BFE3-BB7B59EE00BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2911_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4521999-53C8-4245-BE23-9EA9CBCDEE21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2911a_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E158EB-7DFD-4EC3-B057-FCFCB7074CB1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2921_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1773D4FE-5416-4A87-BF1C-F1BDF0E8D5C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:2951_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9185EDA0-2983-4E00-8985-5E76415DF427",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3925_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C34A26-E6E2-4651-822D-74F642D7A8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3925e_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "096C701F-8203-41FB-82DC-BB5C9263A292",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3945_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94332BC5-DD19-4422-B4E3-21D6E2BCA367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3945e_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB8466AE-B885-40BA-ADB8-C1058D95129C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5915_embedded_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77DE5576-90BE-4C25-8677-19009A8CD647",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5921_embedded_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58511A4E-43BD-49A8-87B8-532CEB51BB7A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5940_embedded_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EBF9DBE-0E5E-4E57-990D-0908F036ACAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:800_series_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE86F95-4B0D-4A21-AF52-685783919201",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:800m_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9F9D3C-8221-4C79-97A3-9FEA81DE977F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:812_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A0EEEB5-8305-4A57-9904-D81551FB6A81",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:812_cifi_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8D371C4-7034-4675-931D-E6A208FD901C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_hardened_3g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFAED93B-35B1-4738-A03F-4AEB158F8DC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_hardened_dual_radio_802.11n_wifi_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAF3EFC2-EF88-47E6-B174-7561A19FB543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_hardened_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30FCD835-282D-440A-833D-771F6EC7A93D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C054E067-52B9-4AB4-87CB-2B6A3B890FFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_non-hardened_4g_lte_m2m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74E5C08A-3091-4A4F-956B-1AD497F30DC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:819_non-hardened_secure_multi-mode_4g_lte_m2m_isr_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12140B3E-F3FE-436C-9B35-254F7AB7DC02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:860vae-w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9C511D-7D5E-4758-A335-70019EBD9F8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E109E908-78B9-44ED-8719-B057057C2185",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:861w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31F8D515-3D54-459F-8CE7-FFA91439C0D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:866vae_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "510B60EF-AA4D-469F-8EEF-133F354DDF55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:867vae_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D562373-BD3F-4690-928F-9FE0325A3379",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:880-voice_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB62165B-6CA9-4DD8-8A36-B658F61FF9EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:881-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA5ACE25-8C18-49B0-AFFC-17CB30F61930",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:881_3g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FD08336-5BBD-4133-892B-F67A692A5DA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:881_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB6E4CF5-D944-4281-94E5-72BC5437BC62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:881_secure_fast_ethernet:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A32A56-86F1-44A3-81F3-EBA72B0010E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:881w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "480629DC-DA23-4A9E-B90F-E8AB894C9353",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:886va-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D3EA60A-1BA9-43E8-AF81-914846C26CC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA7C5306-B810-4036-A241-7178F48ABE8E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5413C7E7-F55C-4158-ABDF-2D8844B96680",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:886vag_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6745ADF-DCE3-42C3-A548-F9E44AEE88CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887_multi-mode_vdsl2\\/asdl2\\+_pots:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "824EF0D0-B875-40C1-86D1-90CD3F7F1B2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887va-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1563AC8D-4E4D-4126-8C5D-84B449AAEF57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3945CCD-E6F5-412D-9935-160BCD664B10",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0C23393-F7BB-4BA9-81A5-C298D84EBF0B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887vag_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61B623C2-D81B-430B-9FD2-E2764EE94809",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887vagw_3g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAF439A3-3645-4574-A102-017354DE8131",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887vam-w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E07F6-1E92-4990-AEBC-DBFE4B5B2DE4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:887vamg_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08B77C60-06E0-47FF-8CD4-35FE5C60FF95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E97DA13-D485-42BE-A0E9-F40A0C823735",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E984A1EA-728A-4663-8494-1787AB5D93C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888e-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35D9B6C7-A707-41CD-953F-5773FB3F7685",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888e_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "716E154A-5586-4F58-8203-EC8256E00BAD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888eg_3g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC0F79A-52CA-46A6-9C6A-0596718053E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:888w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8054E665-E4DA-4453-A34B-830B69D273A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:891-24x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA480B3-25E2-4B05-9F46-417B696789B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "526558F9-C72D-4DDA-B0DF-CAF7B97E30C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:891w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4B9D069-85C0-4299-BCAF-441A2D6227BF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AFBDFF-3D83-4685-82EE-A9EA4DC09241",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:892f-cube_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB4AF464-B247-40CF-A2B5-1B278303418B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:892w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D674C533-304A-42A4-97EE-1CA39908E888",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:896_multi-mode_vdsl2\\/adsl2\\+_isdn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39CCB6E7-6AAD-4C27-942F-625A0B57A029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:897_multi-mode_vdsl2\\/adsl2\\+_pots:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D66DE9A-4B9F-443A-9DC2-6B44432D6663",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:897_multi-mode_vdsl2\\/adsl2\\+_pots_annex_m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A38258B-D065-4872-8E49-2169D6FEDC72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:898_secure_g.shdsl_efm\\/atm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D848BF-BD1E-4299-AA05-218144F9B8D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c866vae_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21302143-3B04-47A5-B434-874D4CDA0684",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c867vae_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1807A783-B5F1-4735-AE49-9E221EE75E8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c881_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF6FB2D3-1816-43C7-99A7-4F2D5E8860F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c881w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F508C7A1-F13A-4244-888B-5E05F750063D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c886va_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43E014D-9AD7-467B-86A1-5C0B94A2688A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c886vaj_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C5F298-30A3-40F5-B9E9-F34A8C19E60A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c887va_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EA0DA50-67B7-4AC4-A9CD-5EECD34B59C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c887vam_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "134AA9EA-0E47-4FD0-A87F-893F6128AC43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c888_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80C4E6F8-ED20-4C43-83C0-428D8543A3D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c888ea_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C23800E6-C99A-40A7-AED9-CE7D3B43AE5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c891f_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B282F195-F5D9-466A-A6A9-D79F3495212B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c891fw_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7E1648C-3622-4F71-98E6-E6CF679AB452",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c892fsp_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE85E76-B78E-4E87-88EA-982944D7F446",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c896va_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7559F8-560D-4E41-A547-1AFC19C80CCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c897va-m_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8821A4E0-947C-47BF-89DD-5C48DA3EF1F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c897va_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7CBBBD9-7B05-4CB1-8754-D0E790D4D30A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c897vam-w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C746068A-4BFF-4037-9D6F-7364A4825B42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c897vaw_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44EDBCAB-7642-4847-BFCD-E02A87E168D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c898ea_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F256369B-8D50-49C9-B566-700F5AA5FF72",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:c899_secure_gigabit_ethernet:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7132A5-8C2E-4DD2-8789-3DA7ECA2BEBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:vg204xm_analog_voice_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "699BEF9C-4EDD-48C5-A50A-B7BCBF8D5DEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:vg350_analog_voice_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0839661C-7E1C-4B34-A34E-EF4CC54238CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:vg3x0_analog_voice_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D57FD27-C856-4969-9746-840E90A8F873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:stratix_5900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D000E55-C5D4-421C-813B-59B6EB200000",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en e la caracter\u00edstica multiple-authentication (multi-auth) 802.1x de Cisco IOS Software podr\u00eda permitir que un atacante adyacente sin autenticar omita la fase de autenticaci\u00f3n en un puerto multi-auth 802.1x. Esta vulnerabilidad se debe a un error de cambio de l\u00f3gica introducido en el c\u00f3digo. Un atacante podr\u00eda explotar esta vulnerabilidad intentando acceder a un puerto multi-auth 802.1x despu\u00e9s de que un solicitante se haya autenticado con \u00e9xito. Un exploit podr\u00eda permitir que el atacante omita los controles de acceso 802.1x y obtenga acceso a la red. Cisco Bug IDs: CSCvg69701."
    }
  ],
  "id": "CVE-2018-0163",
  "lastModified": "2024-11-21T03:37:38.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-28T22:29:00.750",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103571"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dot1x"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6Vendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 809_industrial_integrated_services_router -
cisco 829_industrial_integrated_services_router -
cisco cgr1000_firmware *
cisco cgr1000 -
cisco ic3000_industrial_compute_gateway_firmware *
cisco ic3000_industrial_compute_gateway -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B678941-70A6-4DE9-BFA5-69C084BA584A",
              "versionEndExcluding": "15.9\\(3\\)m3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5F1EC30-07EA-48D0-B44E-517A1305785F",
              "versionEndExcluding": "1.12.0.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ic3000_industrial_compute_gateway_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC81DE1-1460-42FC-AAE4-BA9A2E81C88B",
              "versionEndExcluding": "1.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1DEE8B-C9B3-4E45-BBBD-C3DF2A61C349",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el Cisco IOx Application Framework de los Enrutadores Cisco 809 Industrial Integrated Services (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, y Cisco IC3000 Industrial Compute Gateway, podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio. (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a un manejo insuficiente de errores durante el procesamiento de paquetes.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una tasa alta y sostenida de tr\u00e1fico TCP dise\u00f1ado al servidor web IOx en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante cause que el servidor web IOx dejara de procesar peticiones, lo que resultar\u00eda en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-1460",
  "lastModified": "2024-11-21T05:44:24.730",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-24T20:15:15.777",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRAVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRAVendor Advisory
Impacted products
Vendor Product Version
cisco ios -
cisco 1120_connected_grid_router -
cisco 1240_connected_grid_router -
cisco 807_industrial_integrated_services_router -
cisco 809_industrial_integrated_services_router -
cisco 829_industrial_integrated_services_router -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6230A85-30D2-4934-A8A0-11499B7B09F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del subsistema Low Power, Wide Area (LPWA) de Cisco IOS Software para Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podr\u00eda permitir a un atacante remoto no autenticado conseguir acceso de lectura no autorizado a datos confidenciales o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a la falta de mecanismos de comprobaci\u00f3n de entrada para mensajes de m\u00f3dem de protocolo virtual-LPWA (VLPWA).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el suministro de paquetes dise\u00f1ados hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir acceso de lectura no autorizado a datos confidenciales o hacer que la interfaz VLPWA del dispositivo afectado se apague, resultando una condici\u00f3n DoS."
    }
  ],
  "id": "CVE-2020-3426",
  "lastModified": "2024-11-21T05:31:02.753",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-24T18:15:19.290",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-02-12 04:15
Modified
2024-11-21 07:40
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLVendor Advisory
Impacted products
Vendor Product Version
cisco ic3000_industrial_compute_gateway *
cisco iox -
cisco ios_xe *
cisco ios_xe *
cisco ios_xe 17.10.0
cisco cgr1240_firmware *
cisco cgr1240 -
cisco cgr1000_firmware *
cisco cgr1000 -
cisco ir510_wpan_firmware *
cisco ir510_wpan -
cisco 829_industrial_integrated_services_router_firmware *
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 829_industrial_integrated_services_router -
cisco 807_industrial_integrated_services_router_firmware *
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 807_industrial_integrated_services_router -
cisco 809_industrial_integrated_services_router_firmware *
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 809_industrial_integrated_services_router -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0123C40-42E9-4DA1-A333-1249D52FE05F",
              "versionEndExcluding": "1.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:iox:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E74F18-C63E-4A10-99C2-51907E199BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F708D7F-6673-489E-9B2D-796AF552D7A2",
              "versionEndExcluding": "17.6.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FC38B1-5F12-496F-8843-F119DB2D684C",
              "versionEndExcluding": "17.9.2",
              "versionStartIncluding": "17.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC868609-83CD-4FBA-A842-18CD4F07D8D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F343CE69-D1C6-4CB3-97CF-AC480FA6802D",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17050EB-5D47-4287-A2E7-518A811157A7",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF8D8F3-C04A-4A32-B7DF-7649506B83D1",
              "versionEndExcluding": "1.10.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A8B23B-89DC-4BD2-AC3B-E73169F42F6C",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E5C422-7131-49C5-B05C-11CDC97373BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "313940F2-909D-4BAB-BC1C-CA9419F4E9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "887AA4F7-7A63-4FAF-89E9-B992FF8C0F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1EEADC2-0938-48F8-8ED4-7A2643B6BAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79FD2A7-F49F-40CA-B721-AD222DD16CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95BEF3-E236-4B08-A3C5-210A094AB41E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D097582-7C84-4899-93C4-B16692A41302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "86891B33-4B66-48C1-933B-75187404B129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "372E3DB5-5296-4353-9A2B-0A8040F07BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FCE500-AD08-40CE-8956-2997C9200B41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB92E03-2956-4AC1-831F-152FCBA01092",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA00C2A-CFC0-498B-8EA7-989FA2B78A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "308D1626-255D-4266-B2E1-B6D34D7D8881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA3B170E-B248-4E9E-968B-A6320AAF3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E20439B8-530E-4C49-AFBE-5AFAC95BA994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA253BF-10DF-4819-A165-9E9049B14D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA057DC-F9D9-4A96-9AAF-86303A4D21A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DF79F40-DA37-4A36-95BD-7FDD8D41783F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DB4FDC-3152-4144-A85B-920577D65BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "564BC14B-465D-4E3D-A37A-15ED0AE65AA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5612E330-FA91-4DA5-9D74-4E262769E388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF306339-36B4-4549-8C8D-C7530C575D9B",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA50E936-DFBC-4B6A-9AE3-763CBD2EA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8088D28-AA6B-4CA8-B120-9993D0C8035F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D568BB-6646-4366-8D8F-87B829AC018F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "352566DD-EF2B-49A0-9CFF-3C67152DE403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E645F0-179C-43F4-9B12-2485B3C1924C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C1A3AB-E91B-4A59-8E49-C7E722A97F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D4FD9E-A505-4819-B57D-458A24C7E0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A299F13E-02DD-490E-96F7-02BF7B21A46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACD17542-1D24-4D1B-A123-B773BA66326E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F1604-4189-4585-8E94-0BD1F02A125C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
    }
  ],
  "id": "CVE-2023-20076",
  "lastModified": "2024-11-21T07:40:29.813",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-12T04:15:19.287",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-233"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}