All the vulnerabilites related to cisco - catalyst_9105ax
cve-2023-20231
Vulnerability from cvelistv5
Published
2023-09-27 17:19
Modified
2024-10-24 16:43
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:36.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-webui-cmdij-FzZAeXAy",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:cisco:ios_xe_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ios_xe_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "16.12.9",
                "status": "affected",
                "version": "16.12.4",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "17.10.1b",
                "status": "affected",
                "version": "17.2.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20231",
                "options": [
                  {
                    "Exploitation": "None"
                  },
                  {
                    "Automatable": "No"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-15T16:37:40.087205Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T16:43:47.359Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "16.12.8"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "16.12.4a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "16.12.5a"
            },
            {
              "status": "affected",
              "version": "16.12.5b"
            },
            {
              "status": "affected",
              "version": "16.12.6a"
            },
            {
              "status": "affected",
              "version": "16.12.7"
            },
            {
              "status": "affected",
              "version": "16.12.9"
            },
            {
              "status": "affected",
              "version": "17.2.2"
            },
            {
              "status": "affected",
              "version": "17.2.3"
            },
            {
              "status": "affected",
              "version": "17.3.1"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "17.3.1w"
            },
            {
              "status": "affected",
              "version": "17.3.2a"
            },
            {
              "status": "affected",
              "version": "17.3.1x"
            },
            {
              "status": "affected",
              "version": "17.3.1z"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.3.4b"
            },
            {
              "status": "affected",
              "version": "17.3.4c"
            },
            {
              "status": "affected",
              "version": "17.3.5a"
            },
            {
              "status": "affected",
              "version": "17.3.5b"
            },
            {
              "status": "affected",
              "version": "17.4.1"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.4.2a"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.5.1b"
            },
            {
              "status": "affected",
              "version": "17.5.1c"
            },
            {
              "status": "affected",
              "version": "17.6.1"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "17.6.1w"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1x"
            },
            {
              "status": "affected",
              "version": "17.6.3"
            },
            {
              "status": "affected",
              "version": "17.6.1y"
            },
            {
              "status": "affected",
              "version": "17.6.1z"
            },
            {
              "status": "affected",
              "version": "17.6.3a"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.1z1"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.6.5a"
            },
            {
              "status": "affected",
              "version": "17.7.1"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "17.7.1b"
            },
            {
              "status": "affected",
              "version": "17.7.2"
            },
            {
              "status": "affected",
              "version": "17.10.1"
            },
            {
              "status": "affected",
              "version": "17.10.1a"
            },
            {
              "status": "affected",
              "version": "17.10.1b"
            },
            {
              "status": "affected",
              "version": "17.8.1"
            },
            {
              "status": "affected",
              "version": "17.8.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1"
            },
            {
              "status": "affected",
              "version": "17.9.1w"
            },
            {
              "status": "affected",
              "version": "17.9.2"
            },
            {
              "status": "affected",
              "version": "17.9.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1x"
            },
            {
              "status": "affected",
              "version": "17.9.1y"
            },
            {
              "status": "affected",
              "version": "17.9.2a"
            },
            {
              "status": "affected",
              "version": "17.9.1x1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges.\r\n\r Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:26.549Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-webui-cmdij-FzZAeXAy",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy"
        }
      ],
      "source": {
        "advisory": "cisco-sa-webui-cmdij-FzZAeXAy",
        "defects": [
          "CSCwe12578"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20231",
    "datePublished": "2023-09-27T17:19:17.664Z",
    "dateReserved": "2022-10-27T18:47:50.369Z",
    "dateUpdated": "2024-10-24T16:43:47.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-20728
Vulnerability from cvelistv5
Published
2022-09-30 18:45
Modified
2024-11-06 16:06
Severity ?
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FYvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220927 Cisco Access Points VLAN Bypass from Native VLAN Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20728",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T15:57:26.353659Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:06:38.935Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aironet Access Point Software (IOS XE Controller)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-09-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-30T18:45:16",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220927 Cisco Access Points VLAN Bypass from Native VLAN Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY"
        }
      ],
      "source": {
        "advisory": "cisco-sa-apvlan-TDTtb4FY",
        "defect": [
          [
            "CSCvz99036"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Access Points VLAN Bypass from Native VLAN Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-09-27T23:00:00",
          "ID": "CVE-2022-20728",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Access Points VLAN Bypass from Native VLAN Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Aironet Access Point Software (IOS XE Controller)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.7",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220927 Cisco Access Points VLAN Bypass from Native VLAN Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-apvlan-TDTtb4FY",
          "defect": [
            [
              "CSCvz99036"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20728",
    "datePublished": "2022-09-30T18:45:17.054877Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:06:38.935Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20112
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2vendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.895Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco Access Point Software Association Request Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20112",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:35:52.092551Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:02:04.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aironet Access Point Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "CWE-126",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco Access Point Software Association Request Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ap-assoc-dos-D2SunWK2",
        "defect": [
          [
            "CSCwb04244"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Access Point Software Association Request Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20112",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:02:04.798Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20056
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpuvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco Access Point Software Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20056",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:14.194265Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:02:56.470Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aironet Access Point Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco Access Point Software Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ap-cli-dos-tc2EKEpu",
        "defect": [
          [
            "CSCwc61122"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Access Point Software Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20056",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:02:56.470Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20097
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Summary
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8vendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco Access Point Software Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20097",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:03.962449Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:02:19.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aironet Access Point Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco Access Point Software Command Injection Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
        }
      ],
      "source": {
        "advisory": "cisco-sa-aironetap-cmdinj-6bjT4FL8",
        "defect": [
          [
            "CSCwc70131"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Access Point Software Command Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20097",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:02:19.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
4.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FYVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FYVendor Advisory
Impacted products
Vendor Product Version
cisco aironet_1542d_firmware 017.006\(001\)
cisco aironet_1542d -
cisco aironet_1542i_firmware 017.006\(001\)
cisco aironet_1542i -
cisco aironet_1562i_firmware 017.006\(001\)
cisco aironet_1562i -
cisco aironet_1562e_firmware 017.006\(001\)
cisco aironet_1562e -
cisco aironet_1562d_firmware 017.006\(001\)
cisco aironet_1562d -
cisco aironet_1815i_firmware 017.006\(001\)
cisco aironet_1815i -
cisco aironet_1815m_firmware 017.006\(001\)
cisco aironet_1815m -
cisco aironet_1815t_firmware 017.006\(001\)
cisco aironet_1815t -
cisco aironet_1815w_firmware 017.006\(001\)
cisco aironet_1815w -
cisco aironet_1830_firmware 017.006\(001\)
cisco aironet_1830 -
cisco aironet_1840_firmware 017.006\(001\)
cisco aironet_1840 -
cisco aironet_1850e_firmware 017.006\(001\)
cisco aironet_1850e -
cisco aironet_1850i_firmware 017.006\(001\)
cisco aironet_1850i -
cisco aironet_2800i_firmware 017.006\(001\)
cisco aironet_2800i -
cisco aironet_2800e_firmware 017.006\(001\)
cisco aironet_2800e -
cisco aironet_3800i_firmware 017.006\(001\)
cisco aironet_3800i -
cisco aironet_3800e_firmware 017.006\(001\)
cisco aironet_3800e -
cisco aironet_3800p_firmware 017.006\(001\)
cisco aironet_3800p -
cisco aironet_4800_firmware 017.006\(001\)
cisco aironet_4800 -
cisco catalyst_9105ax_firmware 017.006\(001\)
cisco catalyst_9105ax -
cisco catalyst_9115ax_firmware 017.006\(001\)
cisco catalyst_9115ax -
cisco catalyst_9117ax_firmware 017.006\(001\)
cisco catalyst_9117ax -
cisco catalyst_9120ax_firmware 017.006\(001\)
cisco catalyst_9120ax -
cisco catalyst_9124ax_firmware 017.006\(001\)
cisco catalyst_9124ax -
cisco catalyst_9130ax_firmware 017.006\(001\)
cisco catalyst_9130ax -
cisco catalyst_iw6300_firmware 017.006\(001\)
cisco catalyst_iw6300 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1542d_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C30EE454-DE99-45A8-BC00-8BAD63D404F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1542i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E17DAE78-C47D-436E-B6A5-5FE9F5B4D48A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1562i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EFA337-E530-406E-9724-6442C09B65E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1562e_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7916943D-0658-4F2C-A402-E1B0015D1A4D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1562d_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DBEF281D-F425-4C09-BADF-D4F12EB1B170",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1815i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E34335F2-8CC1-461D-A924-A5FE04AB63E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1815m_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC7A666-9747-48A6-B6DF-429C75F1F813",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1815t_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ADD0C869-6417-4A4A-AE75-D53DFC2D5457",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1815w_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8F076029-D6EF-4ED6-80E7-E6234A85D9A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1830_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0289A772-69E9-45DE-B62A-5EFC2CC74D6A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1830:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "093AB3A8-853B-4094-BFB5-6A8775AAA8D3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1840_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46BA436B-2D80-440B-8ADE-49E47F911A1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1840:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A69CA9D6-914D-436F-AA81-B218CC312D29",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1850e_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "246D690E-1CDC-4F91-BF80-92CCEBF4CACB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1850e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24E47788-9B54-42C5-AD83-428B22674575",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_1850i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F955286D-0599-40D6-BFEF-76DEBAC2366E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1850i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A333CD0B-4729-4E64-8B52-A3F5138F5B70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_2800i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D4EF48F1-D56E-48B6-BA56-ACFBE4EFB5AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_2800e_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "48B50155-AEF6-4986-8251-26D5F83037E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_3800i_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A3CD1148-EF18-41E6-BC28-8D116D3B6D01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_3800e_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D42D8EA9-4AFE-4C21-A8B6-0868DC077CC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_3800p_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CEDE0864-1F86-409E-9818-55E35CF9F2FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:aironet_4800_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C94468BF-A526-428F-A2CE-2D4D957525EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B90E3B6E-BF30-4EFE-91BC-901EBA17F42E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9115ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C861A65F-6DA1-4CAD-8D5E-BDEDEAA88C67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9117ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E8F2FC-6E19-4B4B-B768-10FCDE3E1A53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73FDAAE9-A9BD-41BF-9BAE-710F1FA729C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9124ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8E16FF2F-EB47-4F5E-A414-A8214DB01055",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9130ax_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF52DD7-F235-40DF-817D-78D11D20EC2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_iw6300_firmware:017.006\\(001\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4141765D-BBA3-47AD-AC94-CB8507F711A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards packets that are destined to a wireless client if they are received on the native VLAN. An attacker could exploit this vulnerability by obtaining access to the native VLAN and directing traffic directly to the client through their MAC/IP combination. A successful exploit could allow the attacker to bypass VLAN separation and potentially also bypass any Layer 3 protection mechanisms that are deployed."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el c\u00f3digo de reenv\u00edo de clientes de varios Puntos de Acceso (AP) de Cisco podr\u00eda permitir a un atacante adyacente no autenticado inyectar paquetes de la VLAN nativa a clientes dentro de VLANs no nativas en un dispositivo afectado. Esta vulnerabilidad es debido a un error l\u00f3gico en el AP que reenv\u00eda los paquetes destinados a un cliente inal\u00e1mbrico si son recibidos en la VLAN nativa. Un atacante podr\u00eda explotar esta vulnerabilidad al obtener acceso a la VLAN nativa y dirigiendo el tr\u00e1fico directamente al cliente mediante su combinaci\u00f3n MAC/IP. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir la separaci\u00f3n de VLAN y potencialmente tambi\u00e9n omitir cualquier mecanismo de protecci\u00f3n de capa 3 que est\u00e9 desplegado"
    }
  ],
  "id": "CVE-2022-20728",
  "lastModified": "2024-11-21T06:43:25.730",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-30T19:15:10.903",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apvlan-TDTtb4FY"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8Vendor Advisory
Impacted products
Vendor Product Version
cisco wireless_lan_controller_software *
cisco esw6300 -
cisco aironet_access_point_software *
cisco aironet_1540 -
cisco aironet_1542d -
cisco aironet_1542i -
cisco aironet_1560 -
cisco aironet_1562d -
cisco aironet_1562e -
cisco aironet_1562i -
cisco aironet_1800 -
cisco aironet_1800i -
cisco aironet_1810 -
cisco aironet_1810w -
cisco aironet_1815 -
cisco aironet_1815i -
cisco aironet_1815m -
cisco aironet_1815t -
cisco aironet_1815w -
cisco aironet_2800 -
cisco aironet_2800e -
cisco aironet_2800i -
cisco aironet_3800 -
cisco aironet_3800e -
cisco aironet_3800i -
cisco aironet_3800p -
cisco aironet_4800 -
cisco catalyst_9100 -
cisco catalyst_9105 -
cisco catalyst_9105ax -
cisco catalyst_9105axi -
cisco catalyst_9105axw -
cisco catalyst_9115 -
cisco catalyst_9115_ap -
cisco catalyst_9115ax -
cisco catalyst_9115axe -
cisco catalyst_9115axi -
cisco catalyst_9117 -
cisco catalyst_9117_ap -
cisco catalyst_9117ax -
cisco catalyst_9117axi -
cisco catalyst_9120 -
cisco catalyst_9120_ap -
cisco catalyst_9120ax -
cisco catalyst_9120axe -
cisco catalyst_9120axi -
cisco catalyst_9120axp -
cisco catalyst_9124 -
cisco catalyst_9124ax -
cisco catalyst_9124axd -
cisco catalyst_9124axi -
cisco catalyst_9130 -
cisco catalyst_9130_ap -
cisco catalyst_9130ax -
cisco catalyst_9130axe -
cisco catalyst_9130axi -
cisco catalyst_iw6300 -
cisco catalyst_iw6300_ac -
cisco catalyst_iw6300_dc -
cisco catalyst_iw6300_dcw -
cisco ios_xe *
cisco ios_xe *
cisco ios_xe *
cisco ios_xe *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9EA7E3F-2EA0-4B32-BCA0-0E88FC9E4F9D",
              "versionEndExcluding": "8.10.183.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "386B92C5-05F3-40A8-8F35-280DD9E84169",
              "versionEndExcluding": "17.9.0.135",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "810472FD-52DE-4694-98FA-1AD858BEC895",
              "versionEndExcluding": "16.12.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C1CD64-ADE0-453F-9E0B-EA952F743892",
              "versionEndExcluding": "17.3.6",
              "versionStartIncluding": "17.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "612EB810-AB85-49D4-BB5C-C03E2B1A0B43",
              "versionEndExcluding": "17.6.5",
              "versionStartIncluding": "17.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4C5572-9D7D-405C-AF93-DF9FF07F92F7",
              "versionEndExcluding": "17.9.2",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP."
    }
  ],
  "id": "CVE-2023-20097",
  "lastModified": "2024-11-21T07:40:32.780",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.5,
        "impactScore": 2.7,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:15.027",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpuVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpuVendor Advisory
Impacted products
Vendor Product Version
cisco wireless_lan_controller_software *
cisco esw6300 -
cisco aironet_access_point_software *
cisco aironet_1540 -
cisco aironet_1542d -
cisco aironet_1542i -
cisco aironet_1560 -
cisco aironet_1562d -
cisco aironet_1562e -
cisco aironet_1562i -
cisco aironet_1800 -
cisco aironet_1800i -
cisco aironet_1810 -
cisco aironet_1810w -
cisco aironet_1815 -
cisco aironet_1815i -
cisco aironet_1815m -
cisco aironet_1815t -
cisco aironet_1815w -
cisco aironet_2800 -
cisco aironet_2800e -
cisco aironet_2800i -
cisco aironet_3800 -
cisco aironet_3800e -
cisco aironet_3800i -
cisco aironet_3800p -
cisco aironet_4800 -
cisco catalyst_9100 -
cisco catalyst_9105 -
cisco catalyst_9105ax -
cisco catalyst_9105axi -
cisco catalyst_9105axw -
cisco catalyst_9115 -
cisco catalyst_9115_ap -
cisco catalyst_9115ax -
cisco catalyst_9115axe -
cisco catalyst_9115axi -
cisco catalyst_9117 -
cisco catalyst_9117_ap -
cisco catalyst_9117ax -
cisco catalyst_9117axi -
cisco catalyst_9120 -
cisco catalyst_9120_ap -
cisco catalyst_9120ax -
cisco catalyst_9120axe -
cisco catalyst_9120axi -
cisco catalyst_9120axp -
cisco catalyst_9124 -
cisco catalyst_9124ax -
cisco catalyst_9124axd -
cisco catalyst_9124axi -
cisco catalyst_9130 -
cisco catalyst_9130_ap -
cisco catalyst_9130ax -
cisco catalyst_9130axe -
cisco catalyst_9130axi -
cisco catalyst_iw6300 -
cisco catalyst_iw6300_ac -
cisco catalyst_iw6300_dc -
cisco catalyst_iw6300_dcw -
cisco ios_xe *
cisco ios_xe *
cisco ios_xe *
cisco ios_xe *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9EA7E3F-2EA0-4B32-BCA0-0E88FC9E4F9D",
              "versionEndExcluding": "8.10.183.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09051BC5-CFE7-43EF-975D-BF77724E8776",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "386B92C5-05F3-40A8-8F35-280DD9E84169",
              "versionEndExcluding": "17.9.0.135",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BFEED4-7AD7-406F-A044-BDEA98133711",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DB7510-2741-464A-8FC9-8419985E330F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE916B2-CAAD-4508-A47E-A7D4D88B077A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8191FD87-4E55-4F38-8DB0-7E6772AD075B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D717945-EE41-4D0F-86EF-90826EBE9C3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99EAEA92-6589-4DFB-BC4B-8CBA425452D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D27AB201-342D-4517-9E05-6088598F4695",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F4C00A-D1E2-4B21-A14E-F30B4B818493",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC836B4D-A489-4300-B0A2-EF0B6E01E623",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F923CF-D4EB-48F8-821D-8BB3A69ABB62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D613A17-FFA9-4FF0-9C2A-AF8ACD59B765",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8BF9DDB-884D-47B5-A295-8BFA5207C412",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "207DC80E-499C-4CA3-8A88-F027DBC64CCF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3225A6-DA3C-49FE-B0F8-8AC6B7DA3347",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E1D6F32-3F51-4C5B-97AF-1AD8917FCB07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09FEE6E-8169-4E90-ACF6-88BEE747D7A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C28A6B0-10FF-4C6D-8527-2313E163C98E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "098A82FF-95F7-416A-BADD-C57CE81ACD32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D5813-9223-4B3F-9DE2-F3EF854FC927",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7636F7E2-E386-4F8C-A0C5-F510D8E21DA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D7583E-2B61-40F1-B9A6-701DA08F8CDF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "945DDBE7-6233-416B-9BEE-7029F047E298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED89428-750C-4C26-B2A1-E3D63F8B3F44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D8A4CB-5B80-4332-BCBC-DA18AD94D215",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C559D6F7-B432-4A2A-BE0E-9697CC412C70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23153AA4-B169-4421-BFF8-873205FC9C21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67DC3B71-B64D-4C49-B089-B274FA34ECB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F857465-314F-4124-9835-8A269486D654",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "810472FD-52DE-4694-98FA-1AD858BEC895",
              "versionEndExcluding": "16.12.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55C1CD64-ADE0-453F-9E0B-EA952F743892",
              "versionEndExcluding": "17.3.6",
              "versionStartIncluding": "17.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "612EB810-AB85-49D4-BB5C-C03E2B1A0B43",
              "versionEndExcluding": "17.6.5",
              "versionStartIncluding": "17.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F4C5572-9D7D-405C-AF93-DF9FF07F92F7",
              "versionEndExcluding": "17.9.2",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resulting in a DoS condition."
    }
  ],
  "id": "CVE-2023-20056",
  "lastModified": "2024-11-21T07:40:27.043",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:14.220",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2Vendor Advisory
Impacted products
Vendor Product Version
cisco business_150ax_firmware *
cisco business_150ax -
cisco business_151axm_firmware *
cisco business_151axm -
cisco catalyst_9105ax_firmware *
cisco catalyst_9105ax -
cisco catalyst_9105axi_firmware *
cisco catalyst_9105axi -
cisco catalyst_9105axw_firmware *
cisco catalyst_9105axw -
cisco catalyst_9105i_firmware *
cisco catalyst_9105i -
cisco catalyst_9105w_firmware *
cisco catalyst_9105w -
cisco catalyst_9115_firmware *
cisco catalyst_9115 -
cisco catalyst_9115ax_firmware *
cisco catalyst_9115ax -
cisco catalyst_9115axe_firmware *
cisco catalyst_9115axe -
cisco catalyst_9115axi_firmware *
cisco catalyst_9115axi -
cisco catalyst_9117_firmware *
cisco catalyst_9117 -
cisco catalyst_9117ax_firmware *
cisco catalyst_9117ax -
cisco catalyst_9117axi_firmware *
cisco catalyst_9117axi -
cisco catalyst_9120_firmware *
cisco catalyst_9120 -
cisco catalyst_9120ax_firmware *
cisco catalyst_9120ax -
cisco catalyst_9120axe_firmware *
cisco catalyst_9120axe -
cisco catalyst_9120axi_firmware *
cisco catalyst_9120axi -
cisco catalyst_9120axp_firmware *
cisco catalyst_9120axp -
cisco catalyst_9124_firmware *
cisco catalyst_9124 -
cisco catalyst_9124ax_firmware *
cisco catalyst_9124ax -
cisco catalyst_9124axd_firmware *
cisco catalyst_9124axd -
cisco catalyst_9124axi_firmware *
cisco catalyst_9124axi -
cisco catalyst_9130_firmware *
cisco catalyst_9130 -
cisco catalyst_9130ax_firmware *
cisco catalyst_9130ax -
cisco catalyst_9130axe_firmware *
cisco catalyst_9130axe -
cisco catalyst_9130axi_firmware *
cisco catalyst_9130axi -
cisco catalyst_9136_firmware *
cisco catalyst_9136 -
cisco catalyst_9162_firmware *
cisco catalyst_9162 -
cisco catalyst_9164_firmware *
cisco catalyst_9164 -
cisco catalyst_9166_firmware *
cisco catalyst_9166 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:business_150ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53461D22-32D2-4DE1-AD92-7973EC5B205B",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:business_150ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB2B555E-1523-4C62-A91D-EE1F3F1200EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:business_151axm_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A020A23-9AD6-4543-A859-3830EBB12296",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8760865B-4AB3-4A1A-960D-FF6974A7AC06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAD0137-380A-42A1-8292-9923CCD36FEA",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D31EFF0-1179-47AA-9D6E-1C9760F5A9EC",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105axw_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D301BE7A-4A6A-48B1-8CF2-2FB930D47DB2",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70D701B8-21F8-4286-B31F-C4CC18FF3B07",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93510CF6-232E-4FBD-BF01-79070306FB97",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9105w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC5C951-CA0B-445D-B340-D1D6ECD94A59",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77BE20A3-964E-46D3-ACA2-B53A175027D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9115_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F837E8E-7B45-4D1C-8AD6-A40E60BB5CD0",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9115ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37255F5F-CB34-469E-A323-59914D7540CF",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9115axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "591778EC-0772-44E4-B021-54B1B3504E83",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9115axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D5E598-481E-449A-9971-179687EB9592",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9117_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F49A92-966B-4269-9E35-7A28A86685A6",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9117ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AD186AA-430B-4F51-AAB0-9D869EAD586C",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9117axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B540968A-C15E-4DAC-AEAE-4A0218600194",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55F958F-C3DC-4DAF-8EE5-C55562224DA2",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1794D85C-A7E4-4959-A3F8-0F15BD4D30D1",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "588A0484-72B4-479C-9EA3-D427979BAAAB",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7A404E6-04C8-48C3-8D86-866969BEFA63",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9120axp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7445C6-7A24-454A-8129-C4F3EEB38130",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9124_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A5860B4-186D-460F-9C36-D3031D927AB1",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9124ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB68FAD-4F8C-4228-99C4-6EDFFAF5242D",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9124axd_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBB23E27-C004-4932-8690-1ECE1F4981B9",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9124axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7147FDD8-9B32-46E3-8537-0E8BEFFA4893",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D612055-BDA4-49E2-9F31-1E434685BB83",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9130ax_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61148FE7-059D-47B6-92B6-14187ED5B65A",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9130axe_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "457919D4-12E5-4E31-B29C-A2798B711D0D",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9130axi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B49F389-8F3E-421C-8C6B-FD05EAD6ED34",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9136_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F409EED4-899A-4C4C-B919-2C5E6F96A738",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9162_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17541D5B-1F7D-4F99-92D1-2A2709F2D12E",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9347227-9FA8-46B6-96EF-713543376296",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9164_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A85B807-FE69-4445-9846-1C50BFD0D4E1",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:catalyst_9166_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D76C0984-493A-4875-AACF-20870DF5DD7C",
              "versionEndExcluding": "10.3.2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition."
    }
  ],
  "id": "CVE-2023-20112",
  "lastModified": "2024-11-21T07:40:34.933",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:15.267",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-D2SunWK2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-126"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-09-27 18:15
Modified
2024-11-21 07:40
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAyVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAyVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 16.12.4
cisco ios_xe 16.12.4a
cisco ios_xe 16.12.5
cisco ios_xe 16.12.5a
cisco ios_xe 16.12.5b
cisco ios_xe 16.12.6
cisco ios_xe 16.12.6a
cisco ios_xe 16.12.7
cisco ios_xe 16.12.8
cisco ios_xe 16.12.9
cisco ios_xe 17.2.2
cisco ios_xe 17.2.3
cisco ios_xe 17.3.1
cisco ios_xe 17.3.1a
cisco ios_xe 17.3.1w
cisco ios_xe 17.3.1x
cisco ios_xe 17.3.1z
cisco ios_xe 17.3.2
cisco ios_xe 17.3.3
cisco ios_xe 17.3.4
cisco ios_xe 17.3.4a
cisco ios_xe 17.3.4b
cisco ios_xe 17.3.4c
cisco ios_xe 17.3.5
cisco ios_xe 17.3.5a
cisco ios_xe 17.3.5b
cisco ios_xe 17.3.6
cisco ios_xe 17.4.1
cisco ios_xe 17.4.1a
cisco ios_xe 17.4.1b
cisco ios_xe 17.4.2
cisco ios_xe 17.4.2a
cisco ios_xe 17.5.1
cisco ios_xe 17.5.1a
cisco ios_xe 17.5.1b
cisco ios_xe 17.5.1c
cisco ios_xe 17.6.1
cisco ios_xe 17.6.1.z
cisco ios_xe 17.6.1a
cisco ios_xe 17.6.1w
cisco ios_xe 17.6.1x
cisco ios_xe 17.6.1y
cisco ios_xe 17.6.1z1
cisco ios_xe 17.6.2
cisco ios_xe 17.6.3
cisco ios_xe 17.6.3a
cisco ios_xe 17.6.4
cisco ios_xe 17.6.5
cisco ios_xe 17.7.1
cisco ios_xe 17.7.1a
cisco ios_xe 17.7.1b
cisco ios_xe 17.7.2
cisco ios_xe 17.8.1
cisco ios_xe 17.8.1a
cisco ios_xe 17.9.1
cisco ios_xe 17.9.1a
cisco ios_xe 17.9.1w
cisco ios_xe 17.9.1x
cisco ios_xe 17.9.1x1
cisco ios_xe 17.9.1y
cisco ios_xe 17.9.2
cisco ios_xe 17.9.2a
cisco ios_xe 17.9.2b
cisco ios_xe 17.10.1
cisco ios_xe 17.10.1a
cisco ios_xe 17.10.1b
cisco ios_xe 17.91w
cisco catalyst_9105ax -
cisco catalyst_9105axi -
cisco catalyst_9105axw -
cisco catalyst_9115ax -
cisco catalyst_9115axe -
cisco catalyst_9115axi -
cisco catalyst_9117ax -
cisco catalyst_9117axi -
cisco catalyst_9120ax -
cisco catalyst_9120axe -
cisco catalyst_9120axi -
cisco catalyst_9120axp -
cisco catalyst_9124ax -
cisco catalyst_9124axd -
cisco catalyst_9124axi -
cisco catalyst_9130ax -
cisco catalyst_9130axe -
cisco catalyst_9130axi -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-80 -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BBFDD70-7AF3-47AE-94CA-56C19F2D6234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B736F09-3B51-4B2A-92F6-602847001F15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F58A94E-B050-4EFA-84BA-43B11BA22E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E864BB1-FD23-4AB3-9138-5FD8B62EAF5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "838D6C2D-C131-4A9C-AAE5-5BF38E637E4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "37D5E77B-687D-4AE7-95B8-0AB56AF5DAD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
              "matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B5244CD-ECFA-4CCD-B611-C5A59368C5E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDEDC7A0-D031-433B-ABF5-4EC0A43D80CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1.z:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7E7D26-3144-48B6-B236-05136CD38157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
              "matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
              "matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A099C9-0C81-4819-BE4A-FE59144C55BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.91w:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CAD1C8C-765D-47C4-BAD0-5C2B67460DC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device.\r\n\r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges.\r\n\r Note: This vulnerability is exploitable only if the attacker obtains the credentials for a Lobby Ambassador account. This account is not configured by default."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de usuario web del software Cisco IOS XE podr\u00eda permitir que un atacante remoto autenticado realice un ataque de inyecci\u00f3n contra un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando datos manipulados a la interfaz de usuario web. Un exploit exitoso podr\u00eda permitir al atacante ejecutar comandos arbitrarios al CLI del Cisco IOS XE con privilegios de nivel 15. Nota: Esta vulnerabilidad solo se puede explotar si el atacante obtiene las credenciales de una cuenta de Lobby Ambassador. Esta cuenta no est\u00e1 configurada de forma predeterminada."
    }
  ],
  "id": "CVE-2023-20231",
  "lastModified": "2024-11-21T07:40:57.000",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-27T18:15:11.430",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}