{"vulnerability": "cve-2023-2015", "sightings": [{"uuid": "566852f7-09b2-4e30-8b2c-d89c5b47f673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20154", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487548686668738", "content": "", "creation_timestamp": "2024-11-15T14:56:07.137460Z"}, {"uuid": "4194034c-ad91-4296-951a-f2f70933c553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20159", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-cisco-switches-exploit-code-offentlich-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-05-22T14:10:50.000000Z"}, {"uuid": "1f851975-495e-4f0d-8178-7dd6399f1c8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20157", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-cisco-switches-exploit-code-offentlich-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-05-22T14:10:50.000000Z"}, {"uuid": "de93f08e-8789-44c7-8c02-26a3db9ba347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20156", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-cisco-switches-exploit-code-offentlich-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-05-22T14:10:50.000000Z"}, {"uuid": "a919a34f-8c76-4a26-aaf8-6a82418498a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20154", "type": "seen", "source": "https://t.me/cvedetector/11088", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-20154 - \"Cisco Modeling Labs External Authentication Bypass Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2023-20154 \nPublished : Nov. 15, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an unauthenticated, remote attacker to access the web interface with administrative privileges.  \n  \nThis vulnerability is due to the improper handling of certain messages that are returned by the associated external authentication server. An attacker could exploit this vulnerability by logging in to the web interface of an affected server. Under certain conditions, the authentication mechanism would be bypassed and the attacker would be logged in as an administrator. A successful exploit could allow the attacker to obtain administrative privileges on the web interface of an affected server, including the ability to access and modify every simulation and all user-created data. To exploit this vulnerability, the attacker would need valid user credentials that are stored on the associated external authentication server.  \nCisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T16:36:51.000000Z"}, {"uuid": "b6d9ab61-0214-4e27-9210-b3fd9b5a06f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20152", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/565", "content": "\u26a1\ufe0f\u041e\u0442\u043b\u043e\u0436\u0438\u0442\u044c \u043d\u0435\u043b\u044c\u0437\u044f \u043f\u0430\u0442\u0447\u0438\u0442\u044c\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u044c\u0442\u0435 \u0437\u0430\u043f\u044f\u0442\u0443\u044e \u043d\u0430 \u0441\u0432\u043e\u0439 \u0432\u043a\u0443\u0441. \u0410\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043f\u0430\u0442\u0447\u0435\u0439 \u0435\u0449\u0451 \u0442\u043e\u043b\u044c\u043a\u043e  \u0437\u0430\u0432\u0442\u0440\u0430, \u0430 \u0440\u0430\u0437\u043d\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 \u0434\u044b\u0440, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432, \u0443\u0436\u0435 \u043d\u0430\u043a\u043e\u043f\u0438\u043b\u043e\u0441\u044c \u0438\u0437\u0440\u044f\u0434\u043d\u043e.\n\nApple \u0432 \u043f\u044f\u0442\u043d\u0438\u0446\u0443 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0434\u0432\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-28205, -28206), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u044f\u0434\u0440\u0430 \u043d\u0430 \u0432\u0441\u0435\u0445 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u044f\u0445 iPhone \u0441 8\u0433\u043e, iPad \u0441 5\u0433\u043e \u0438 \u041c\u0430\u043a\u043e\u0432 \u0441 ma\u0441OS Ventura.\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Apple \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442, \u043d\u043e \u044d\u0442\u043e\u0442 \u0442\u0432\u0438\u0442 \u043a\u0430\u043a \u0431\u044b \u043d\u0430\u043c\u0435\u043a\u0430\u0435\u0442. \n\nGoogle \u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043b\u0430\u043d\u043e\u0432\u043e\u0435 \u0418\u0411-\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Android, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0435 28\n\u0444\u0438\u043a\u0441\u043e\u0432 \u0440\u0430\u0437\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0437\u0430\u043a\u0440\u044b\u0432 2 RCE \u0438 15 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\nCisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430  \u043f\u0430\u0440\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVSS 7.8) \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 EPNM, ISE, Cisco Prime Infrastructure. \nCVSS-2023-20121 \u0438 -20122 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0441\u0431\u0435\u0436\u0430\u0442\u044c \u0438\u0437 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u043f\u0440\u0430\u0432\u0430\u0445 \u0448\u0435\u043b\u043b\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root \u0432 \u041e\u0421.\n\u0415\u0449\u0451 \u043f\u0430\u0440\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0445 \u0431\u0430\u0433\u043e\u0432 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e Cisco ISE (CVE-2023-20152, -20153), \u043d\u043e \u0434\u043b\u044f \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0443\u0436\u043d\u044b \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\u0411\u0430\u0433\u0438 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u0439 Telepresence VCS \u0438 Expressway \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u044b \u0435\u0449\u0435 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u043d\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2022-20812 \u0438 -20813 (CVSS 9.0) \u0432\u044b\u0445\u043e\u0434\u044f\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0439\u0447\u0430\u0441.\n\nMicrosoft, \u043d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Edge, \u043e\u043d\u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 3 \u0444\u0438\u043a\u0441\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u0440\u0438\u0441\u043a\u0430\u043c\u0438.\n\n\u041d\u0443 \u0430 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 Chrome 112, \u0437\u0430\u043a\u0440\u044b\u0432 16 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 2 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445.\n\n\u041d\u0435\u043c\u043d\u043e\u0433\u043e \u0436\u0430\u0440\u0435\u043d\u043e\u0433\u043e \u0438\u0437 \u043c\u0438\u0440\u0430 Open Source - \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f Javascript-\u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430 VM2 \u0437\u0430\u043a\u0440\u044b\u043b\u0430  CVE-2023-29017 \u0441 CVSS 10, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a (\u0432\u044b \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0434\u043e\u0433\u0430\u0434\u0430\u043b\u0438\u0441\u044c) \u043f\u043e\u0431\u0435\u0433\u0443 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0436\u0435 \u043d\u0430 Github \u0438 \u0432 npm.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-04-10T20:57:52.000000Z"}, {"uuid": "b51e7d32-e2b6-46b1-8875-9c69a08a3e98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20158", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-cisco-switches-exploit-code-offentlich-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-05-22T14:10:50.000000Z"}, {"uuid": "1fa8475c-8d7a-43e3-a811-676aba3ab135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-20159", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1027", "content": "", "creation_timestamp": "2023-05-18T04:00:00.000000Z"}, {"uuid": "e6fb50c1-7c18-443f-afbd-fc4161b266b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20155", "type": "seen", "source": "https://t.me/cibsecurity/73351", "content": "\u203c CVE-2023-20155 \u203c\n\nA vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-01T19:22:17.000000Z"}, {"uuid": "1a55a020-5b66-414b-9b5d-4591264377c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20158", "type": "seen", "source": "Telegram/EYQapHrtvMT0D7mREkFyuwLgbyriRgADHclgPdIQBBZXccw", "content": "", "creation_timestamp": "2023-05-30T04:33:58.000000Z"}, {"uuid": "5c585d9a-cb76-4837-a6d6-6ebc8bd6c5af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20159", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4394", "content": "\u00ab\u041a\u043b\u0438\u0435\u043d\u0442\u043e\u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f\u00bb Cisco \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0443\u0441\u0435\u0440\u0434\u043d\u043e \u043f\u0443\u0433\u0430\u0442\u044c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u043e \u0431\u043e\u043b\u044c\u0448\u0435\u0439 \u0447\u0430\u0441\u0442\u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c, \u0441\u0441\u044b\u043b\u0430\u044f\u0441\u044c \u043d\u0430 EOL.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0441\u0435\u0440\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE-\u043e\u0448\u0438\u0431\u043e\u043a CVE-2023-20159, CVE-2023-20160, CVE-2023-20161 \u0438 CVE-2023-20189 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0443\u044e \u043b\u0438\u043d\u0435\u0439\u043a\u0443 \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0438 Small Business \u0441\u0435\u0440\u0438\u0438 200, 250, 300, 350, 500 \u0438 550.\n\n\u0412\u0441\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043f\u043e\u0447\u0442\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441 \u0431\u0430\u0437\u043e\u0432\u044b\u043c\u0438 \u0431\u0430\u043b\u043b\u0430\u043c\u0438 CVSS 9,8/10.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0435 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\nCisco (PSIRT) \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0435\u0441\u043b\u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0434\u043e\u043b\u0438 \u0434\u043e EOL \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u043e, \u0442\u043e \u0440\u044f\u0434 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Prime Collaboration Deployment (PCD), \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0434\u043b\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0447\u044c\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435 \u043e\u0441\u043e\u0431\u043e \u0432\u043e\u043b\u043d\u0443\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430.", "creation_timestamp": "2023-05-18T11:59:24.000000Z"}, {"uuid": "8dcdb1a7-3813-40f0-b426-18c10c241cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20154", "type": "seen", "source": "https://t.me/true_secator/4310", "content": "Cisco \u0438 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE-\u0443\u044f\u0437\u0438\u0432\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Cisco \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u00a0\u0432 Industrial Network Director\u00a0(CVE-2023-20036, CVSS: 9,9), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0438 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0432\u043e\u0434\u0430 \u043f\u0440\u0438\u00a0\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u043f\u0430\u043a\u0435\u0442\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043a\u0430\u043a NT AUTHORITY\\SYSTEM \u0432 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0412 \u044d\u0442\u043e\u043c \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 CVE-2023-20039 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 5,5, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0433 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u0438\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 1.11.3.\n\nCisco \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u0432\u043d\u0435\u0448\u043d\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b\u00a0\u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043c\u043e\u0434\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f\u00a0Modeling Labs.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-20154 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 9,1 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u044b\u043a\u0430\u044e\u0442 \u0434\u044b\u0440\u0443 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, Cisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0441\u00a0\u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.5.1.\n\nVMware \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 Aria Operations for Logs (CVE-2023-20864, \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,8).\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a VMware Aria Operations for Logs, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\nVMware Aria Operations for Logs 8.12 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0443\u0433\u0443\u044e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 (CVE-2023-20865, \u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7,2), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco \u0438 VMware \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u043b\u0430\u043a\u043e\u043c\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.", "creation_timestamp": "2023-04-21T12:42:39.000000Z"}, {"uuid": "4eeb349d-b1ef-43f8-925a-1a2ec23cbd83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20159", "type": "seen", "source": "https://t.me/cibsecurity/64371", "content": "\u203c CVE-2023-20159 \u203c\n\nMultiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:10.000000Z"}, {"uuid": "f3caef44-f8b2-46f5-9d51-fed2dbcf0fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20156", "type": "seen", "source": "https://t.me/cibsecurity/64365", "content": "\u203c CVE-2023-20156 \u203c\n\nMultiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:02.000000Z"}, {"uuid": "c88c08c2-aa0a-47f2-9097-63c8e546d71d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20158", "type": "seen", "source": "https://t.me/cibsecurity/64363", "content": "\u203c CVE-2023-20158 \u203c\n\nMultiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due to improper validation of requests that are sent to the web interface. For more information about these vulnerabilities, see the Details section of this advisory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:32:00.000000Z"}, {"uuid": "6af3c065-66ff-4d90-929c-15771a0121ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20153", "type": "seen", "source": "https://t.me/cibsecurity/61491", "content": "\u203c CVE-2023-20153 \u203c\n\nMultiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-06T00:29:15.000000Z"}]}