All the vulnerabilites related to cisco - cgr1000_firmware
cve-2023-20076
Vulnerability from cvelistv5
Published
2023-02-12 00:00
Modified
2024-10-28 16:34
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20076",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T16:19:27.545112Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T16:34:17.566Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-02-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-233",
              "description": "CWE-233",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-05T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-8whGn5dL",
        "defect": [
          [
            "CSCwc66882"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Hosting Environment Command Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20076",
    "datePublished": "2023-02-12T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-28T16:34:17.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-1460
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:03:18.333086Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:34:03.389Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-24T20:06:50",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-dos-4Fgcjh6",
        "defect": [
          [
            "CSCvt74967",
            "CSCvu19405",
            "CSCvv02734",
            "CSCvv02834"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Framework  Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-03-24T16:00:00",
          "ID": "CVE-2021-1460",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOx Application Framework  Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210324 Cisco IOx Application Framework  Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iox-dos-4Fgcjh6",
          "defect": [
            [
              "CSCvt74967",
              "CSCvu19405",
              "CSCvv02734",
              "CSCvv02834"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1460",
    "datePublished": "2021-03-24T20:06:50.388114Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:34:03.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6Vendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 809_industrial_integrated_services_router -
cisco 829_industrial_integrated_services_router -
cisco cgr1000_firmware *
cisco cgr1000 -
cisco ic3000_industrial_compute_gateway_firmware *
cisco ic3000_industrial_compute_gateway -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B678941-70A6-4DE9-BFA5-69C084BA584A",
              "versionEndExcluding": "15.9\\(3\\)m3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5F1EC30-07EA-48D0-B44E-517A1305785F",
              "versionEndExcluding": "1.12.0.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ic3000_industrial_compute_gateway_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EC81DE1-1460-42FC-AAE4-BA9A2E81C88B",
              "versionEndExcluding": "1.3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1DEE8B-C9B3-4E45-BBBD-C3DF2A61C349",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el Cisco IOx Application Framework de los Enrutadores Cisco 809 Industrial Integrated Services (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, y Cisco IC3000 Industrial Compute Gateway, podr\u00eda permitir a un atacante remoto no autenticado causar una denegaci\u00f3n de servicio. (DoS) en un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a un manejo insuficiente de errores durante el procesamiento de paquetes.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una tasa alta y sostenida de tr\u00e1fico TCP dise\u00f1ado al servidor web IOx en un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante cause que el servidor web IOx dejara de procesar peticiones, lo que resultar\u00eda en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2021-1460",
  "lastModified": "2024-11-21T05:44:24.730",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-24T20:15:15.777",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-4Fgcjh6"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-02-12 04:15
Modified
2024-11-21 07:40
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dLVendor Advisory
Impacted products
Vendor Product Version
cisco ic3000_industrial_compute_gateway *
cisco iox -
cisco ios_xe *
cisco ios_xe *
cisco ios_xe 17.10.0
cisco cgr1240_firmware *
cisco cgr1240 -
cisco cgr1000_firmware *
cisco cgr1000 -
cisco ir510_wpan_firmware *
cisco ir510_wpan -
cisco 829_industrial_integrated_services_router_firmware *
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 829_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 829_industrial_integrated_services_router -
cisco 807_industrial_integrated_services_router_firmware *
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 807_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 807_industrial_integrated_services_router -
cisco 809_industrial_integrated_services_router_firmware *
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m1
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m2
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m2a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m3
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m4
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m4a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m5
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m6a
cisco 809_industrial_integrated_services_router_firmware 15.9\(3\)m6b
cisco 809_industrial_integrated_services_router -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0123C40-42E9-4DA1-A333-1249D52FE05F",
              "versionEndExcluding": "1.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:iox:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E74F18-C63E-4A10-99C2-51907E199BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F708D7F-6673-489E-9B2D-796AF552D7A2",
              "versionEndExcluding": "17.6.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FC38B1-5F12-496F-8843-F119DB2D684C",
              "versionEndExcluding": "17.9.2",
              "versionStartIncluding": "17.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC868609-83CD-4FBA-A842-18CD4F07D8D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F343CE69-D1C6-4CB3-97CF-AC480FA6802D",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17050EB-5D47-4287-A2E7-518A811157A7",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF8D8F3-C04A-4A32-B7DF-7649506B83D1",
              "versionEndExcluding": "1.10.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A8B23B-89DC-4BD2-AC3B-E73169F42F6C",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E5C422-7131-49C5-B05C-11CDC97373BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "313940F2-909D-4BAB-BC1C-CA9419F4E9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "887AA4F7-7A63-4FAF-89E9-B992FF8C0F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1EEADC2-0938-48F8-8ED4-7A2643B6BAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79FD2A7-F49F-40CA-B721-AD222DD16CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95BEF3-E236-4B08-A3C5-210A094AB41E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D097582-7C84-4899-93C4-B16692A41302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "86891B33-4B66-48C1-933B-75187404B129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "372E3DB5-5296-4353-9A2B-0A8040F07BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FCE500-AD08-40CE-8956-2997C9200B41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB92E03-2956-4AC1-831F-152FCBA01092",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA00C2A-CFC0-498B-8EA7-989FA2B78A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "308D1626-255D-4266-B2E1-B6D34D7D8881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA3B170E-B248-4E9E-968B-A6320AAF3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E20439B8-530E-4C49-AFBE-5AFAC95BA994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA253BF-10DF-4819-A165-9E9049B14D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA057DC-F9D9-4A96-9AAF-86303A4D21A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DF79F40-DA37-4A36-95BD-7FDD8D41783F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DB4FDC-3152-4144-A85B-920577D65BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "564BC14B-465D-4E3D-A37A-15ED0AE65AA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5612E330-FA91-4DA5-9D74-4E262769E388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF306339-36B4-4549-8C8D-C7530C575D9B",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA50E936-DFBC-4B6A-9AE3-763CBD2EA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8088D28-AA6B-4CA8-B120-9993D0C8035F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D568BB-6646-4366-8D8F-87B829AC018F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "352566DD-EF2B-49A0-9CFF-3C67152DE403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E645F0-179C-43F4-9B12-2485B3C1924C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C1A3AB-E91B-4A59-8E49-C7E722A97F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D4FD9E-A505-4819-B57D-458A24C7E0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A299F13E-02DD-490E-96F7-02BF7B21A46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACD17542-1D24-4D1B-A123-B773BA66326E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F1604-4189-4585-8E94-0BD1F02A125C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
    }
  ],
  "id": "CVE-2023-20076",
  "lastModified": "2024-11-21T07:40:29.813",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-12T04:15:19.287",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-233"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}