Action not permitted
Modal body text goes here.
Modal Title
Modal Body
BDU:2023-02354
Vulnerability from fstec - Published: 19.04.2023
VLAI
Title
Уязвимость в функции SSH-аутентификации на основе ключей программного обеспечения Cisco StarOS, позволяющая нарушителю повысить свои привилегии
Description
Уязвимость в функции SSH-аутентификации на основе ключей программного обеспечения Cisco StarOS возникает из-за недостаточной проверки предоставленных пользователем учетных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить привилегии на уязвимом устройстве
Severity
Vendor
Cisco Systems Inc.
Software Name
StarOS, ASR 5000, Virtualized Packet Core
Software Version
от 21.22.0 - 21.28.m включительно (StarOS), - (ASR 5000), - Distributed Instance (VPC-DI) (Virtualized Packet Core), - Single Instance (VPC-SI) (Virtualized Packet Core)
Possible Mitigations
Использование рекомендаций:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h
Reference
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h
CWE
CWE-255
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 21.22.0 - 21.28.m \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (StarOS), - (ASR 5000), - Distributed Instance (VPC-DI) (Virtualized Packet Core), - Single Instance (VPC-SI) (Virtualized Packet Core)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.04.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.05.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.05.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-02354",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-20046",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "StarOS, ASR 5000, Virtualized Packet Core",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 SSH-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Cisco StarOS, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 (CWE-255)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 SSH-\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Cisco StarOS \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-255",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
CVE-2023-20046 (GCVE-0-2023-20046)
Vulnerability from cvelistv5 – Published: 2023-05-09 13:06 – Updated: 2024-08-02 08:57
VLAI
EPSS
Summary
A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.
There are workarounds that address this vulnerability.
Severity
8.8 (High)
CWE
- CWE-289 - Authentication Bypass by Alternate Name
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco ASR 5000 Series Software |
Affected:
21.11.0
Affected: 21.11.1 Affected: 21.11.2 Affected: 21.11.3 Affected: 21.11.10 Affected: 21.11.11 Affected: 21.11.12 Affected: 21.11.13 Affected: 21.11.14 Affected: 21.11.4 Affected: 21.11.5 Affected: 21.11.6 Affected: 21.11.7 Affected: 21.11.8 Affected: 21.11.9 Affected: 21.11.15 Affected: 21.11.16 Affected: 21.11.17 Affected: 21.11.18 Affected: 21.11.19 Affected: 21.11.20 Affected: 21.11.21 Affected: 21.12.0 Affected: 21.12.1 Affected: 21.12.2 Affected: 21.12.3 Affected: 21.12.4 Affected: 21.12.5 Affected: 21.12.6 Affected: 21.12.10 Affected: 21.12.11 Affected: 21.12.12 Affected: 21.12.13 Affected: 21.12.14 Affected: 21.12.16 Affected: 21.12.17 Affected: 21.12.18 Affected: 21.12.7 Affected: 21.12.8 Affected: 21.12.9 Affected: 21.12.19 Affected: 21.12.20 Affected: 21.12.21 Affected: 21.12.22 Affected: 21.12.15 Affected: 21.13.0 Affected: 21.13.1 Affected: 21.13.2 Affected: 21.13.3 Affected: 21.13.4 Affected: 21.13.10 Affected: 21.13.11 Affected: 21.13.12 Affected: 21.13.13 Affected: 21.13.14 Affected: 21.13.15 Affected: 21.13.16 Affected: 21.13.17 Affected: 21.13.18 Affected: 21.13.19 Affected: 21.13.20 Affected: 21.13.5 Affected: 21.13.6 Affected: 21.13.7 Affected: 21.13.8 Affected: 21.13.9 Affected: 21.13.21 Affected: 21.14.0 Affected: 21.14.1 Affected: 21.14.10 Affected: 21.14.11 Affected: 21.14.12 Affected: 21.14.16 Affected: 21.14.17 Affected: 21.14.19 Affected: 21.14.2 Affected: 21.14.20 Affected: 21.14.3 Affected: 21.14.4 Affected: 21.14.5 Affected: 21.14.6 Affected: 21.14.7 Affected: 21.14.8 Affected: 21.14.9 Affected: 21.14.b12 Affected: 21.14.b13 Affected: 21.14.b14 Affected: 21.14.b15 Affected: 21.14.b17 Affected: 21.14.b18 Affected: 21.14.b19 Affected: 21.14.b20 Affected: 21.14.b21 Affected: 21.14.22 Affected: 21.14.b22 Affected: 21.14.23 Affected: 21.15.0 Affected: 21.15.1 Affected: 21.15.10 Affected: 21.15.11 Affected: 21.15.12 Affected: 21.15.13 Affected: 21.15.14 Affected: 21.15.15 Affected: 21.15.16 Affected: 21.15.17 Affected: 21.15.18 Affected: 21.15.19 Affected: 21.15.2 Affected: 21.15.20 Affected: 21.15.21 Affected: 21.15.22 Affected: 21.15.24 Affected: 21.15.25 Affected: 21.15.26 Affected: 21.15.27 Affected: 21.15.28 Affected: 21.15.29 Affected: 21.15.3 Affected: 21.15.30 Affected: 21.15.32 Affected: 21.15.33 Affected: 21.15.36 Affected: 21.15.37 Affected: 21.15.39 Affected: 21.15.4 Affected: 21.15.40 Affected: 21.15.41 Affected: 21.15.5 Affected: 21.15.6 Affected: 21.15.7 Affected: 21.15.8 Affected: 21.15.43 Affected: 21.15.45 Affected: 21.15.46 Affected: 21.15.47 Affected: 21.15.48 Affected: 21.15.51 Affected: 21.15.52 Affected: 21.15.53 Affected: 21.15.54 Affected: 21.15.55 Affected: 21.15.57 Affected: 21.15.58 Affected: 21.15.59 Affected: 21.15.60 Affected: 21.16.2 Affected: 21.16.3 Affected: 21.16.4 Affected: 21.16.5 Affected: 21.16.c10 Affected: 21.16.c11 Affected: 21.16.c12 Affected: 21.16.c13 Affected: 21.16.c9 Affected: 21.16.d0 Affected: 21.16.d1 Affected: 21.16.6 Affected: 21.16.c14 Affected: 21.16.7 Affected: 21.16.c15 Affected: 21.16.8 Affected: 21.16.c16 Affected: 21.16.10 Affected: 21.16.9 Affected: 21.16.c17 Affected: 21.16.c18 Affected: 21.16.c19 Affected: 21.17.0 Affected: 21.17.1 Affected: 21.17.2 Affected: 21.17.3 Affected: 21.17.4 Affected: 21.17.5 Affected: 21.17.6 Affected: 21.17.7 Affected: 21.17.8 Affected: 21.17.10 Affected: 21.17.11 Affected: 21.17.9 Affected: 21.17.12 Affected: 21.17.13 Affected: 21.17.14 Affected: 21.17.15 Affected: 21.17.16 Affected: 21.17.17 Affected: 21.17.18 Affected: 21.17.19 Affected: 21.18.0 Affected: 21.18.1 Affected: 21.18.2 Affected: 21.18.3 Affected: 21.18.4 Affected: 21.18.5 Affected: 21.18.11 Affected: 21.18.6 Affected: 21.18.7 Affected: 21.18.8 Affected: 21.18.9 Affected: 21.18.12 Affected: 21.18.13 Affected: 21.18.14 Affected: 21.18.15 Affected: 21.18.16 Affected: 21.18.17 Affected: 21.18.18 Affected: 21.18.19 Affected: 21.18.20 Affected: 21.18.21 Affected: 21.18.22 Affected: 21.18.23 Affected: 21.18.24 Affected: 21.18.25 Affected: 21.18.26 Affected: 21.19.0 Affected: 21.19.1 Affected: 21.19.2 Affected: 21.19.3 Affected: 21.19.n2 Affected: 21.19.4 Affected: 21.19.5 Affected: 21.19.n3 Affected: 21.19.n4 Affected: 21.19.6 Affected: 21.19.7 Affected: 21.19.8 Affected: 21.19.n5 Affected: 21.19.10 Affected: 21.19.9 Affected: 21.19.n6 Affected: 21.19.n7 Affected: 21.19.n8 Affected: 21.19.11 Affected: 21.19.n10 Affected: 21.19.n11 Affected: 21.19.n12 Affected: 21.19.n13 Affected: 21.19.n14 Affected: 21.19.n15 Affected: 21.19.n16 Affected: 21.19.n9 Affected: 21.19.n17 Affected: 21.19.n18 Affected: 21.20.0 Affected: 21.20.1 Affected: 21.20.SV1 Affected: 21.20.SV3 Affected: 21.20.SV5 Affected: 21.20.2 Affected: 21.20.3 Affected: 21.20.4 Affected: 21.20.5 Affected: 21.20.6 Affected: 21.20.7 Affected: 21.20.8 Affected: 21.20.9 Affected: 21.20.k6 Affected: 21.20.10 Affected: 21.20.11 Affected: 21.20.k7 Affected: 21.20.u8 Affected: 21.20.12 Affected: 21.20.13 Affected: 21.20.14 Affected: 21.20.k8 Affected: 21.20.p9 Affected: 21.20.15 Affected: 21.20.16 Affected: 21.20.17 Affected: 21.20.18 Affected: 21.20.19 Affected: 21.20.20 Affected: 21.20.21 Affected: 21.20.22 Affected: 21.20.23 Affected: 21.20.24 Affected: 21.20.25 Affected: 21.20.26 Affected: 21.20.28 Affected: 21.20.29 Affected: 21.20.30 Affected: 21.20.c22 Affected: 21.20.31 Affected: 21.20.32 Affected: 21.20.33 Affected: 21.20.34 Affected: 21.20.35 Affected: 21.20.27 Affected: 21.20.SV2 Affected: 21.21.0 Affected: 21.21.1 Affected: 21.21.2 Affected: 21.21.3 Affected: 21.21.KS2 Affected: 21.22.0 Affected: 21.22.n2 Affected: 21.22.n3 Affected: 21.22.3 Affected: 21.22.4 Affected: 21.22.5 Affected: 21.22.uj3 Affected: 21.22.11 Affected: 21.22.6 Affected: 21.22.7 Affected: 21.22.8 Affected: 21.22.n4 Affected: 21.22.n5 Affected: 21.22.ua0 Affected: 21.22.ua2 Affected: 21.22.ua3 Affected: 21.22.ua5 Affected: 21.22.12 Affected: 21.22.13 Affected: 21.22.n10 Affected: 21.22.n11 Affected: 21.22.n12 Affected: 21.22.n6 Affected: 21.22.n7 Affected: 21.22.n8 Affected: 21.22.n9 Affected: 21.22.n13 Affected: 21.23.0 Affected: 21.23.1 Affected: 21.23.10 Affected: 21.23.11 Affected: 21.23.12 Affected: 21.23.13 Affected: 21.23.14 Affected: 21.23.15 Affected: 21.23.16 Affected: 21.23.17 Affected: 21.23.2 Affected: 21.23.3 Affected: 21.23.4 Affected: 21.23.5 Affected: 21.23.6 Affected: 21.23.7 Affected: 21.23.8 Affected: 21.23.9 Affected: 21.23.b2 Affected: 21.23.b3 Affected: 21.23.c16 Affected: 21.23.c17 Affected: 21.23.n6 Affected: 21.23.n7 Affected: 21.23.n9 Affected: 21.23.18 Affected: 21.23.19 Affected: 21.23.21 Affected: 21.23.22 Affected: 21.23.23 Affected: 21.23.24 Affected: 21.23.25 Affected: 21.23.26 Affected: 21.23.27 Affected: 21.23.29 Affected: 21.23.30 Affected: 21.23.c18 Affected: 21.23.n10 Affected: 21.23.n11 Affected: 21.23.n8 Affected: 21.23.yn14 Affected: 21.24.0 Affected: 21.24.1 Affected: 21.24.2 Affected: 21.24.3 Affected: 21.25.0 Affected: 21.25.3 Affected: 21.25.4 Affected: 21.25.5 Affected: 21.25.10 Affected: 21.25.11 Affected: 21.25.12 Affected: 21.25.13 Affected: 21.25.14 Affected: 21.25.6 Affected: 21.25.7 Affected: 21.25.8 Affected: 21.25.9 Affected: 21.26.0 Affected: 21.26.1 Affected: 21.26.10 Affected: 21.26.13 Affected: 21.26.14 Affected: 21.26.15 Affected: 21.26.3 Affected: 21.26.5 Affected: 21.26.6 Affected: 21.26.7 Affected: 21.26.17 Affected: 21.27.0 Affected: 21.27.1 Affected: 21.27.2 Affected: 21.27.3 Affected: 21.27.4 Affected: 21.27.5 Affected: 21.27.m0 Affected: 21.28.0 Affected: 21.28.1 Affected: 21.28.2 Affected: 21.28.m0 Affected: 21.28.m1 Affected: 21.28.m2 Affected: 21.28.m3 |
|
| Cisco | Cisco Ultra Cloud Core - User Plane Function |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco ASR 5000 Series Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "21.11.0"
},
{
"status": "affected",
"version": "21.11.1"
},
{
"status": "affected",
"version": "21.11.2"
},
{
"status": "affected",
"version": "21.11.3"
},
{
"status": "affected",
"version": "21.11.10"
},
{
"status": "affected",
"version": "21.11.11"
},
{
"status": "affected",
"version": "21.11.12"
},
{
"status": "affected",
"version": "21.11.13"
},
{
"status": "affected",
"version": "21.11.14"
},
{
"status": "affected",
"version": "21.11.4"
},
{
"status": "affected",
"version": "21.11.5"
},
{
"status": "affected",
"version": "21.11.6"
},
{
"status": "affected",
"version": "21.11.7"
},
{
"status": "affected",
"version": "21.11.8"
},
{
"status": "affected",
"version": "21.11.9"
},
{
"status": "affected",
"version": "21.11.15"
},
{
"status": "affected",
"version": "21.11.16"
},
{
"status": "affected",
"version": "21.11.17"
},
{
"status": "affected",
"version": "21.11.18"
},
{
"status": "affected",
"version": "21.11.19"
},
{
"status": "affected",
"version": "21.11.20"
},
{
"status": "affected",
"version": "21.11.21"
},
{
"status": "affected",
"version": "21.12.0"
},
{
"status": "affected",
"version": "21.12.1"
},
{
"status": "affected",
"version": "21.12.2"
},
{
"status": "affected",
"version": "21.12.3"
},
{
"status": "affected",
"version": "21.12.4"
},
{
"status": "affected",
"version": "21.12.5"
},
{
"status": "affected",
"version": "21.12.6"
},
{
"status": "affected",
"version": "21.12.10"
},
{
"status": "affected",
"version": "21.12.11"
},
{
"status": "affected",
"version": "21.12.12"
},
{
"status": "affected",
"version": "21.12.13"
},
{
"status": "affected",
"version": "21.12.14"
},
{
"status": "affected",
"version": "21.12.16"
},
{
"status": "affected",
"version": "21.12.17"
},
{
"status": "affected",
"version": "21.12.18"
},
{
"status": "affected",
"version": "21.12.7"
},
{
"status": "affected",
"version": "21.12.8"
},
{
"status": "affected",
"version": "21.12.9"
},
{
"status": "affected",
"version": "21.12.19"
},
{
"status": "affected",
"version": "21.12.20"
},
{
"status": "affected",
"version": "21.12.21"
},
{
"status": "affected",
"version": "21.12.22"
},
{
"status": "affected",
"version": "21.12.15"
},
{
"status": "affected",
"version": "21.13.0"
},
{
"status": "affected",
"version": "21.13.1"
},
{
"status": "affected",
"version": "21.13.2"
},
{
"status": "affected",
"version": "21.13.3"
},
{
"status": "affected",
"version": "21.13.4"
},
{
"status": "affected",
"version": "21.13.10"
},
{
"status": "affected",
"version": "21.13.11"
},
{
"status": "affected",
"version": "21.13.12"
},
{
"status": "affected",
"version": "21.13.13"
},
{
"status": "affected",
"version": "21.13.14"
},
{
"status": "affected",
"version": "21.13.15"
},
{
"status": "affected",
"version": "21.13.16"
},
{
"status": "affected",
"version": "21.13.17"
},
{
"status": "affected",
"version": "21.13.18"
},
{
"status": "affected",
"version": "21.13.19"
},
{
"status": "affected",
"version": "21.13.20"
},
{
"status": "affected",
"version": "21.13.5"
},
{
"status": "affected",
"version": "21.13.6"
},
{
"status": "affected",
"version": "21.13.7"
},
{
"status": "affected",
"version": "21.13.8"
},
{
"status": "affected",
"version": "21.13.9"
},
{
"status": "affected",
"version": "21.13.21"
},
{
"status": "affected",
"version": "21.14.0"
},
{
"status": "affected",
"version": "21.14.1"
},
{
"status": "affected",
"version": "21.14.10"
},
{
"status": "affected",
"version": "21.14.11"
},
{
"status": "affected",
"version": "21.14.12"
},
{
"status": "affected",
"version": "21.14.16"
},
{
"status": "affected",
"version": "21.14.17"
},
{
"status": "affected",
"version": "21.14.19"
},
{
"status": "affected",
"version": "21.14.2"
},
{
"status": "affected",
"version": "21.14.20"
},
{
"status": "affected",
"version": "21.14.3"
},
{
"status": "affected",
"version": "21.14.4"
},
{
"status": "affected",
"version": "21.14.5"
},
{
"status": "affected",
"version": "21.14.6"
},
{
"status": "affected",
"version": "21.14.7"
},
{
"status": "affected",
"version": "21.14.8"
},
{
"status": "affected",
"version": "21.14.9"
},
{
"status": "affected",
"version": "21.14.b12"
},
{
"status": "affected",
"version": "21.14.b13"
},
{
"status": "affected",
"version": "21.14.b14"
},
{
"status": "affected",
"version": "21.14.b15"
},
{
"status": "affected",
"version": "21.14.b17"
},
{
"status": "affected",
"version": "21.14.b18"
},
{
"status": "affected",
"version": "21.14.b19"
},
{
"status": "affected",
"version": "21.14.b20"
},
{
"status": "affected",
"version": "21.14.b21"
},
{
"status": "affected",
"version": "21.14.22"
},
{
"status": "affected",
"version": "21.14.b22"
},
{
"status": "affected",
"version": "21.14.23"
},
{
"status": "affected",
"version": "21.15.0"
},
{
"status": "affected",
"version": "21.15.1"
},
{
"status": "affected",
"version": "21.15.10"
},
{
"status": "affected",
"version": "21.15.11"
},
{
"status": "affected",
"version": "21.15.12"
},
{
"status": "affected",
"version": "21.15.13"
},
{
"status": "affected",
"version": "21.15.14"
},
{
"status": "affected",
"version": "21.15.15"
},
{
"status": "affected",
"version": "21.15.16"
},
{
"status": "affected",
"version": "21.15.17"
},
{
"status": "affected",
"version": "21.15.18"
},
{
"status": "affected",
"version": "21.15.19"
},
{
"status": "affected",
"version": "21.15.2"
},
{
"status": "affected",
"version": "21.15.20"
},
{
"status": "affected",
"version": "21.15.21"
},
{
"status": "affected",
"version": "21.15.22"
},
{
"status": "affected",
"version": "21.15.24"
},
{
"status": "affected",
"version": "21.15.25"
},
{
"status": "affected",
"version": "21.15.26"
},
{
"status": "affected",
"version": "21.15.27"
},
{
"status": "affected",
"version": "21.15.28"
},
{
"status": "affected",
"version": "21.15.29"
},
{
"status": "affected",
"version": "21.15.3"
},
{
"status": "affected",
"version": "21.15.30"
},
{
"status": "affected",
"version": "21.15.32"
},
{
"status": "affected",
"version": "21.15.33"
},
{
"status": "affected",
"version": "21.15.36"
},
{
"status": "affected",
"version": "21.15.37"
},
{
"status": "affected",
"version": "21.15.39"
},
{
"status": "affected",
"version": "21.15.4"
},
{
"status": "affected",
"version": "21.15.40"
},
{
"status": "affected",
"version": "21.15.41"
},
{
"status": "affected",
"version": "21.15.5"
},
{
"status": "affected",
"version": "21.15.6"
},
{
"status": "affected",
"version": "21.15.7"
},
{
"status": "affected",
"version": "21.15.8"
},
{
"status": "affected",
"version": "21.15.43"
},
{
"status": "affected",
"version": "21.15.45"
},
{
"status": "affected",
"version": "21.15.46"
},
{
"status": "affected",
"version": "21.15.47"
},
{
"status": "affected",
"version": "21.15.48"
},
{
"status": "affected",
"version": "21.15.51"
},
{
"status": "affected",
"version": "21.15.52"
},
{
"status": "affected",
"version": "21.15.53"
},
{
"status": "affected",
"version": "21.15.54"
},
{
"status": "affected",
"version": "21.15.55"
},
{
"status": "affected",
"version": "21.15.57"
},
{
"status": "affected",
"version": "21.15.58"
},
{
"status": "affected",
"version": "21.15.59"
},
{
"status": "affected",
"version": "21.15.60"
},
{
"status": "affected",
"version": "21.16.2"
},
{
"status": "affected",
"version": "21.16.3"
},
{
"status": "affected",
"version": "21.16.4"
},
{
"status": "affected",
"version": "21.16.5"
},
{
"status": "affected",
"version": "21.16.c10"
},
{
"status": "affected",
"version": "21.16.c11"
},
{
"status": "affected",
"version": "21.16.c12"
},
{
"status": "affected",
"version": "21.16.c13"
},
{
"status": "affected",
"version": "21.16.c9"
},
{
"status": "affected",
"version": "21.16.d0"
},
{
"status": "affected",
"version": "21.16.d1"
},
{
"status": "affected",
"version": "21.16.6"
},
{
"status": "affected",
"version": "21.16.c14"
},
{
"status": "affected",
"version": "21.16.7"
},
{
"status": "affected",
"version": "21.16.c15"
},
{
"status": "affected",
"version": "21.16.8"
},
{
"status": "affected",
"version": "21.16.c16"
},
{
"status": "affected",
"version": "21.16.10"
},
{
"status": "affected",
"version": "21.16.9"
},
{
"status": "affected",
"version": "21.16.c17"
},
{
"status": "affected",
"version": "21.16.c18"
},
{
"status": "affected",
"version": "21.16.c19"
},
{
"status": "affected",
"version": "21.17.0"
},
{
"status": "affected",
"version": "21.17.1"
},
{
"status": "affected",
"version": "21.17.2"
},
{
"status": "affected",
"version": "21.17.3"
},
{
"status": "affected",
"version": "21.17.4"
},
{
"status": "affected",
"version": "21.17.5"
},
{
"status": "affected",
"version": "21.17.6"
},
{
"status": "affected",
"version": "21.17.7"
},
{
"status": "affected",
"version": "21.17.8"
},
{
"status": "affected",
"version": "21.17.10"
},
{
"status": "affected",
"version": "21.17.11"
},
{
"status": "affected",
"version": "21.17.9"
},
{
"status": "affected",
"version": "21.17.12"
},
{
"status": "affected",
"version": "21.17.13"
},
{
"status": "affected",
"version": "21.17.14"
},
{
"status": "affected",
"version": "21.17.15"
},
{
"status": "affected",
"version": "21.17.16"
},
{
"status": "affected",
"version": "21.17.17"
},
{
"status": "affected",
"version": "21.17.18"
},
{
"status": "affected",
"version": "21.17.19"
},
{
"status": "affected",
"version": "21.18.0"
},
{
"status": "affected",
"version": "21.18.1"
},
{
"status": "affected",
"version": "21.18.2"
},
{
"status": "affected",
"version": "21.18.3"
},
{
"status": "affected",
"version": "21.18.4"
},
{
"status": "affected",
"version": "21.18.5"
},
{
"status": "affected",
"version": "21.18.11"
},
{
"status": "affected",
"version": "21.18.6"
},
{
"status": "affected",
"version": "21.18.7"
},
{
"status": "affected",
"version": "21.18.8"
},
{
"status": "affected",
"version": "21.18.9"
},
{
"status": "affected",
"version": "21.18.12"
},
{
"status": "affected",
"version": "21.18.13"
},
{
"status": "affected",
"version": "21.18.14"
},
{
"status": "affected",
"version": "21.18.15"
},
{
"status": "affected",
"version": "21.18.16"
},
{
"status": "affected",
"version": "21.18.17"
},
{
"status": "affected",
"version": "21.18.18"
},
{
"status": "affected",
"version": "21.18.19"
},
{
"status": "affected",
"version": "21.18.20"
},
{
"status": "affected",
"version": "21.18.21"
},
{
"status": "affected",
"version": "21.18.22"
},
{
"status": "affected",
"version": "21.18.23"
},
{
"status": "affected",
"version": "21.18.24"
},
{
"status": "affected",
"version": "21.18.25"
},
{
"status": "affected",
"version": "21.18.26"
},
{
"status": "affected",
"version": "21.19.0"
},
{
"status": "affected",
"version": "21.19.1"
},
{
"status": "affected",
"version": "21.19.2"
},
{
"status": "affected",
"version": "21.19.3"
},
{
"status": "affected",
"version": "21.19.n2"
},
{
"status": "affected",
"version": "21.19.4"
},
{
"status": "affected",
"version": "21.19.5"
},
{
"status": "affected",
"version": "21.19.n3"
},
{
"status": "affected",
"version": "21.19.n4"
},
{
"status": "affected",
"version": "21.19.6"
},
{
"status": "affected",
"version": "21.19.7"
},
{
"status": "affected",
"version": "21.19.8"
},
{
"status": "affected",
"version": "21.19.n5"
},
{
"status": "affected",
"version": "21.19.10"
},
{
"status": "affected",
"version": "21.19.9"
},
{
"status": "affected",
"version": "21.19.n6"
},
{
"status": "affected",
"version": "21.19.n7"
},
{
"status": "affected",
"version": "21.19.n8"
},
{
"status": "affected",
"version": "21.19.11"
},
{
"status": "affected",
"version": "21.19.n10"
},
{
"status": "affected",
"version": "21.19.n11"
},
{
"status": "affected",
"version": "21.19.n12"
},
{
"status": "affected",
"version": "21.19.n13"
},
{
"status": "affected",
"version": "21.19.n14"
},
{
"status": "affected",
"version": "21.19.n15"
},
{
"status": "affected",
"version": "21.19.n16"
},
{
"status": "affected",
"version": "21.19.n9"
},
{
"status": "affected",
"version": "21.19.n17"
},
{
"status": "affected",
"version": "21.19.n18"
},
{
"status": "affected",
"version": "21.20.0"
},
{
"status": "affected",
"version": "21.20.1"
},
{
"status": "affected",
"version": "21.20.SV1"
},
{
"status": "affected",
"version": "21.20.SV3"
},
{
"status": "affected",
"version": "21.20.SV5"
},
{
"status": "affected",
"version": "21.20.2"
},
{
"status": "affected",
"version": "21.20.3"
},
{
"status": "affected",
"version": "21.20.4"
},
{
"status": "affected",
"version": "21.20.5"
},
{
"status": "affected",
"version": "21.20.6"
},
{
"status": "affected",
"version": "21.20.7"
},
{
"status": "affected",
"version": "21.20.8"
},
{
"status": "affected",
"version": "21.20.9"
},
{
"status": "affected",
"version": "21.20.k6"
},
{
"status": "affected",
"version": "21.20.10"
},
{
"status": "affected",
"version": "21.20.11"
},
{
"status": "affected",
"version": "21.20.k7"
},
{
"status": "affected",
"version": "21.20.u8"
},
{
"status": "affected",
"version": "21.20.12"
},
{
"status": "affected",
"version": "21.20.13"
},
{
"status": "affected",
"version": "21.20.14"
},
{
"status": "affected",
"version": "21.20.k8"
},
{
"status": "affected",
"version": "21.20.p9"
},
{
"status": "affected",
"version": "21.20.15"
},
{
"status": "affected",
"version": "21.20.16"
},
{
"status": "affected",
"version": "21.20.17"
},
{
"status": "affected",
"version": "21.20.18"
},
{
"status": "affected",
"version": "21.20.19"
},
{
"status": "affected",
"version": "21.20.20"
},
{
"status": "affected",
"version": "21.20.21"
},
{
"status": "affected",
"version": "21.20.22"
},
{
"status": "affected",
"version": "21.20.23"
},
{
"status": "affected",
"version": "21.20.24"
},
{
"status": "affected",
"version": "21.20.25"
},
{
"status": "affected",
"version": "21.20.26"
},
{
"status": "affected",
"version": "21.20.28"
},
{
"status": "affected",
"version": "21.20.29"
},
{
"status": "affected",
"version": "21.20.30"
},
{
"status": "affected",
"version": "21.20.c22"
},
{
"status": "affected",
"version": "21.20.31"
},
{
"status": "affected",
"version": "21.20.32"
},
{
"status": "affected",
"version": "21.20.33"
},
{
"status": "affected",
"version": "21.20.34"
},
{
"status": "affected",
"version": "21.20.35"
},
{
"status": "affected",
"version": "21.20.27"
},
{
"status": "affected",
"version": "21.20.SV2"
},
{
"status": "affected",
"version": "21.21.0"
},
{
"status": "affected",
"version": "21.21.1"
},
{
"status": "affected",
"version": "21.21.2"
},
{
"status": "affected",
"version": "21.21.3"
},
{
"status": "affected",
"version": "21.21.KS2"
},
{
"status": "affected",
"version": "21.22.0"
},
{
"status": "affected",
"version": "21.22.n2"
},
{
"status": "affected",
"version": "21.22.n3"
},
{
"status": "affected",
"version": "21.22.3"
},
{
"status": "affected",
"version": "21.22.4"
},
{
"status": "affected",
"version": "21.22.5"
},
{
"status": "affected",
"version": "21.22.uj3"
},
{
"status": "affected",
"version": "21.22.11"
},
{
"status": "affected",
"version": "21.22.6"
},
{
"status": "affected",
"version": "21.22.7"
},
{
"status": "affected",
"version": "21.22.8"
},
{
"status": "affected",
"version": "21.22.n4"
},
{
"status": "affected",
"version": "21.22.n5"
},
{
"status": "affected",
"version": "21.22.ua0"
},
{
"status": "affected",
"version": "21.22.ua2"
},
{
"status": "affected",
"version": "21.22.ua3"
},
{
"status": "affected",
"version": "21.22.ua5"
},
{
"status": "affected",
"version": "21.22.12"
},
{
"status": "affected",
"version": "21.22.13"
},
{
"status": "affected",
"version": "21.22.n10"
},
{
"status": "affected",
"version": "21.22.n11"
},
{
"status": "affected",
"version": "21.22.n12"
},
{
"status": "affected",
"version": "21.22.n6"
},
{
"status": "affected",
"version": "21.22.n7"
},
{
"status": "affected",
"version": "21.22.n8"
},
{
"status": "affected",
"version": "21.22.n9"
},
{
"status": "affected",
"version": "21.22.n13"
},
{
"status": "affected",
"version": "21.23.0"
},
{
"status": "affected",
"version": "21.23.1"
},
{
"status": "affected",
"version": "21.23.10"
},
{
"status": "affected",
"version": "21.23.11"
},
{
"status": "affected",
"version": "21.23.12"
},
{
"status": "affected",
"version": "21.23.13"
},
{
"status": "affected",
"version": "21.23.14"
},
{
"status": "affected",
"version": "21.23.15"
},
{
"status": "affected",
"version": "21.23.16"
},
{
"status": "affected",
"version": "21.23.17"
},
{
"status": "affected",
"version": "21.23.2"
},
{
"status": "affected",
"version": "21.23.3"
},
{
"status": "affected",
"version": "21.23.4"
},
{
"status": "affected",
"version": "21.23.5"
},
{
"status": "affected",
"version": "21.23.6"
},
{
"status": "affected",
"version": "21.23.7"
},
{
"status": "affected",
"version": "21.23.8"
},
{
"status": "affected",
"version": "21.23.9"
},
{
"status": "affected",
"version": "21.23.b2"
},
{
"status": "affected",
"version": "21.23.b3"
},
{
"status": "affected",
"version": "21.23.c16"
},
{
"status": "affected",
"version": "21.23.c17"
},
{
"status": "affected",
"version": "21.23.n6"
},
{
"status": "affected",
"version": "21.23.n7"
},
{
"status": "affected",
"version": "21.23.n9"
},
{
"status": "affected",
"version": "21.23.18"
},
{
"status": "affected",
"version": "21.23.19"
},
{
"status": "affected",
"version": "21.23.21"
},
{
"status": "affected",
"version": "21.23.22"
},
{
"status": "affected",
"version": "21.23.23"
},
{
"status": "affected",
"version": "21.23.24"
},
{
"status": "affected",
"version": "21.23.25"
},
{
"status": "affected",
"version": "21.23.26"
},
{
"status": "affected",
"version": "21.23.27"
},
{
"status": "affected",
"version": "21.23.29"
},
{
"status": "affected",
"version": "21.23.30"
},
{
"status": "affected",
"version": "21.23.c18"
},
{
"status": "affected",
"version": "21.23.n10"
},
{
"status": "affected",
"version": "21.23.n11"
},
{
"status": "affected",
"version": "21.23.n8"
},
{
"status": "affected",
"version": "21.23.yn14"
},
{
"status": "affected",
"version": "21.24.0"
},
{
"status": "affected",
"version": "21.24.1"
},
{
"status": "affected",
"version": "21.24.2"
},
{
"status": "affected",
"version": "21.24.3"
},
{
"status": "affected",
"version": "21.25.0"
},
{
"status": "affected",
"version": "21.25.3"
},
{
"status": "affected",
"version": "21.25.4"
},
{
"status": "affected",
"version": "21.25.5"
},
{
"status": "affected",
"version": "21.25.10"
},
{
"status": "affected",
"version": "21.25.11"
},
{
"status": "affected",
"version": "21.25.12"
},
{
"status": "affected",
"version": "21.25.13"
},
{
"status": "affected",
"version": "21.25.14"
},
{
"status": "affected",
"version": "21.25.6"
},
{
"status": "affected",
"version": "21.25.7"
},
{
"status": "affected",
"version": "21.25.8"
},
{
"status": "affected",
"version": "21.25.9"
},
{
"status": "affected",
"version": "21.26.0"
},
{
"status": "affected",
"version": "21.26.1"
},
{
"status": "affected",
"version": "21.26.10"
},
{
"status": "affected",
"version": "21.26.13"
},
{
"status": "affected",
"version": "21.26.14"
},
{
"status": "affected",
"version": "21.26.15"
},
{
"status": "affected",
"version": "21.26.3"
},
{
"status": "affected",
"version": "21.26.5"
},
{
"status": "affected",
"version": "21.26.6"
},
{
"status": "affected",
"version": "21.26.7"
},
{
"status": "affected",
"version": "21.26.17"
},
{
"status": "affected",
"version": "21.27.0"
},
{
"status": "affected",
"version": "21.27.1"
},
{
"status": "affected",
"version": "21.27.2"
},
{
"status": "affected",
"version": "21.27.3"
},
{
"status": "affected",
"version": "21.27.4"
},
{
"status": "affected",
"version": "21.27.5"
},
{
"status": "affected",
"version": "21.27.m0"
},
{
"status": "affected",
"version": "21.28.0"
},
{
"status": "affected",
"version": "21.28.1"
},
{
"status": "affected",
"version": "21.28.2"
},
{
"status": "affected",
"version": "21.28.m0"
},
{
"status": "affected",
"version": "21.28.m1"
},
{
"status": "affected",
"version": "21.28.m2"
},
{
"status": "affected",
"version": "21.28.m3"
}
]
},
{
"product": "Cisco Ultra Cloud Core - User Plane Function",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r There are workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-289",
"description": "Authentication Bypass by Alternate Name",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:38.039Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
}
],
"source": {
"advisory": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
"defects": [
"CSCwd89468"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20046",
"datePublished": "2023-05-09T13:06:10.748Z",
"dateReserved": "2022-10-27T18:47:50.317Z",
"dateUpdated": "2024-08-02T08:57:35.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…