cvelistv5 - cve-2023-20016

CVE-2023-20016 (GCVE-0-2023-20016)

Vulnerability from cvelistv5 – Published: 2023-02-23 00:00 – Updated: 2024-10-25 16:04

Summary

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-321

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Unified Computing System (Managed)	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.614Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20016",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:41.126540Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:04:01.210Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Unified Computing System (Managed) ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ucsm-bkpsky-H8FCQgsA",
        "defect": [
          [
            "CSCvm53827",
            "CSCwc01592"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20016",
    "datePublished": "2023-02-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:04:01.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"834E1736-9E8D-476A-ADA9-EB81BEB8DC6C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CF884E9-68AA-44F7-A551-F7D7DF2378DB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC04D48B-8B2F-45E1-A445-A87E92E790B8\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"085034AF-4825-4E06-BCBD-6F0D80959A26\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BD99394-5B1B-49FB-9085-3D92E4DBF1A5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0B96E5C-CC27-4020-93CE-413B95DCABB0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AE37430-9711-443E-BF69-CAAEDD2A0E45\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49112D3F-DFAD-4E71-992B-9E0640FA388C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E325ADE-5098-4C1B-82FB-CB04DDB68A2A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"192B4BF0-A6E4-4241-8E30-48CAE65203F1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6BCF41B-A617-4563-8D14-E906411354FB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63D87F40-279D-46BD-9A1E-B980E9DDD24D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B82093C6-B36D-4E4E-AD7F-8C107646B8D9\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"148B3732-6F6C-4865-8FCC-A215883BEEC9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E406DDCE-6753-43E9-B6F0-7A038DE84E41\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.2\\\\(3c\\\\)\", \"matchCriteriaId\": \"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"027A27D8-DD06-420A-BCDC-553641F5CC83\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"054D8EB2-97A3-4725-9DFF-27A4D231D90A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.6.1\", \"matchCriteriaId\": \"FC22C69D-7B86-4ED8-87AA-D259D026CA6B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E9552E6-0B9B-4B32-BE79-90D4E3887A7B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0CBC7F5-7767-43B6-9384-BE143FCDBD7F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"957D64EB-D60E-4775-B9A8-B21CA48ED3B1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A694AD51-9008-4AE6-8240-98B17AB527EE\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38AE6DC0-2B03-4D36-9856-42530312CC46\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71DCEF22-ED20-4330-8502-EC2DD4C9838F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DB2822B-B752-4CD9-A178-934957E306B4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81F4868A-6D62-479C-9C19-F9AABDBB6B24\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65378F3A-777C-4AE2-87FB-1E7402F9EA1B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18048A84-BA0F-48EF-AFFB-635FF7F70C66\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"317DF3DD-C7CD-4CA2-804F-A738E048BEB4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C13CF29B-9308-452B-B7E0-9E818B5A6C1E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DB527C2-855E-4BB9-BCA7-94BE86100D44\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E82C1B05-990D-49D2-B80A-C3EDD4082840\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"421D91C3-8AB3-45E1-9E55-13ED1A4A623E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D741945-8B0A-408D-A5FE-D5B38DC6D46A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9308CA67-E949-4338-A890-22B3C4428D70\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.\"}]",
      "id": "CVE-2023-20016",
      "lastModified": "2024-11-21T07:40:20.983",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 4.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 4.0}]}",
      "published": "2023-02-23T20:15:13.407",
      "references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-321\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-330\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-20016\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2023-02-23T20:15:13.407\",\"lastModified\":\"2024-11-21T07:40:20.983\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-321\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"834E1736-9E8D-476A-ADA9-EB81BEB8DC6C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CF884E9-68AA-44F7-A551-F7D7DF2378DB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC04D48B-8B2F-45E1-A445-A87E92E790B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"085034AF-4825-4E06-BCBD-6F0D80959A26\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BD99394-5B1B-49FB-9085-3D92E4DBF1A5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0B96E5C-CC27-4020-93CE-413B95DCABB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AE37430-9711-443E-BF69-CAAEDD2A0E45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49112D3F-DFAD-4E71-992B-9E0640FA388C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E325ADE-5098-4C1B-82FB-CB04DDB68A2A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"192B4BF0-A6E4-4241-8E30-48CAE65203F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6BCF41B-A617-4563-8D14-E906411354FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63D87F40-279D-46BD-9A1E-B980E9DDD24D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B82093C6-B36D-4E4E-AD7F-8C107646B8D9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"148B3732-6F6C-4865-8FCC-A215883BEEC9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E406DDCE-6753-43E9-B6F0-7A038DE84E41\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2\\\\(3c\\\\)\",\"matchCriteriaId\":\"BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"027A27D8-DD06-420A-BCDC-553641F5CC83\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"054D8EB2-97A3-4725-9DFF-27A4D231D90A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.1\",\"matchCriteriaId\":\"FC22C69D-7B86-4ED8-87AA-D259D026CA6B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E9552E6-0B9B-4B32-BE79-90D4E3887A7B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0CBC7F5-7767-43B6-9384-BE143FCDBD7F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957D64EB-D60E-4775-B9A8-B21CA48ED3B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A694AD51-9008-4AE6-8240-98B17AB527EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38AE6DC0-2B03-4D36-9856-42530312CC46\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71DCEF22-ED20-4330-8502-EC2DD4C9838F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB2822B-B752-4CD9-A178-934957E306B4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F4868A-6D62-479C-9C19-F9AABDBB6B24\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65378F3A-777C-4AE2-87FB-1E7402F9EA1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18048A84-BA0F-48EF-AFFB-635FF7F70C66\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"317DF3DD-C7CD-4CA2-804F-A738E048BEB4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C13CF29B-9308-452B-B7E0-9E818B5A6C1E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB527C2-855E-4BB9-BCA7-94BE86100D44\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82C1B05-990D-49D2-B80A-C3EDD4082840\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"421D91C3-8AB3-45E1-9E55-13ED1A4A623E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D741945-8B0A-408D-A5FE-D5B38DC6D46A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9308CA67-E949-4338-A890-22B3C4428D70\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\", \"name\": \"20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:57:35.614Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-20016\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-25T14:36:41.126540Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-25T14:41:18.614Z\"}}], \"cna\": {\"title\": \"Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability\", \"source\": {\"defect\": [[\"CSCvm53827\", \"CSCwc01592\"]], \"advisory\": \"cisco-sa-ucsm-bkpsky-H8FCQgsA\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System (Managed) \", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. \"}], \"datePublic\": \"2023-02-23T00:00:00\", \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA\", \"name\": \"20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-321\", \"description\": \"CWE-321\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2023-02-23T00:00:00\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-20016\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-25T16:04:01.210Z\", \"dateReserved\": \"2022-10-27T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2023-02-23T00:00:00\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-XJ38-CQQV-5F7W

Vulnerability from github – Published: 2023-02-23 21:30 – Updated: 2023-03-13 18:30

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-20016"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-23T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.",
  "id": "GHSA-xj38-cqqv-5f7w",
  "modified": "2023-03-13T18:30:43Z",
  "published": "2023-02-23T21:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20016"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CISCO-SA-UCSM-BKPSKY-H8FCQGSA

Vulnerability from csaf_cisco - Published: 2023-02-22 16:00 - Updated: 2023-03-24 18:16

Summary

Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability

Notes

Summary

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is part of the February 2023 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2023 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75057"].

Vulnerable Products

This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco FXOS or Cisco UCS Manager Software: Firepower 4100 Series Firepower 9300 Security Appliances UCS 6200 Series Fabric Interconnects UCS 6300 Series Fabric Interconnects UCS 6400 Series Fabric Interconnects UCS 6500 Series Fabric Interconnects Note: Cisco FXOS Software releases 2.6.1 and later are not affected by this vulnerability. Only versions earlier than Release 2.6.1 are vulnerable. For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software ["#fs"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability. Cisco has confirmed that this vulnerability does not affect the following Cisco products: MDS 9000 Series Multilayer Switches Nexus 1000 Virtual Edge for VMware vSphere Nexus 1000V Switch for Microsoft Hyper-V Nexus 1000V Switch for VMware vSphere Nexus 3000 Series Switches Nexus 5500 Platform Switches Nexus 5600 Platform Switches Nexus 6000 Series Switches Nexus 7000 Series Switches Nexus 9000 Series Fabric Switches in ACI mode Nexus 9000 Series Switches in standalone NX-OS mode Secure Firewall 3100 Series

Workarounds

There are no workarounds that address this vulnerability.

Fixed Software

When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Cisco FXOS Software To help customers determine their exposure to vulnerabilities in Cisco FXOS Software, Cisco provides the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (“First Fixed”). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities that are described in all the advisories that the Software Checker identifies (“Combined First Fixed”). To use the tool, go to the Cisco Software Checker ["https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps: Choose which advisories the tool will search—only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"], or all advisories. Choose the appropriate platform. Enter a release number—for example, 2.9.1.158 for Cisco Firepower 4100 Series Security Appliances. Click Check. Only this advisory All Critical and High advisories All advisories Any Platform Firepower 4100 Series Firepower 9000 Series Cisco UCS Software At the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. The left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability described in this advisory and which release included the fix for this vulnerability. Cisco UCS Software Release First Fixed Release Earlier than 4.0 Migrate to a fixed release. 4.0 Migrate to a fixed release. 4.1 Migrate to a fixed release. 4.2 4.2(3d) The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

Cisco would like to thank the following security researchers for independently reporting this vulnerability: Odd Rune Dahle of the Norwegian Tax Authority Nate McDonald, Senior Security Consultant of GreenPages

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "Cisco would like to thank the following security researchers for independently reporting this vulnerability:\r\n\r\nOdd Rune Dahle of the Norwegian Tax Authority\r\nNate McDonald, Senior Security Consultant of GreenPages"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files.\r\n\r\nThis vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the February 2023 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2023 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75057\"].",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco FXOS or Cisco UCS Manager Software:\r\n\r\nFirepower 4100 Series\r\nFirepower 9300 Security Appliances\r\nUCS 6200 Series Fabric Interconnects\r\nUCS 6300 Series Fabric Interconnects\r\nUCS 6400 Series Fabric Interconnects\r\nUCS 6500 Series Fabric Interconnects\r\n\r\nNote: Cisco FXOS Software releases 2.6.1 and later are not affected by this vulnerability. Only versions earlier than Release 2.6.1 are vulnerable.\r\n\r\nFor information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software [\"#fs\"] section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that this vulnerability does not affect the following Cisco products:\r\n\r\nMDS 9000 Series Multilayer Switches\r\nNexus 1000 Virtual Edge for VMware vSphere\r\nNexus 1000V Switch for Microsoft Hyper-V\r\nNexus 1000V Switch for VMware vSphere\r\nNexus 3000 Series Switches\r\nNexus 5500 Platform Switches\r\nNexus 5600 Platform Switches\r\nNexus 6000 Series Switches\r\nNexus 7000 Series Switches\r\nNexus 9000 Series Fabric Switches in ACI mode\r\nNexus 9000 Series Switches in standalone NX-OS mode\r\nSecure Firewall 3100 Series",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "When considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n      Cisco FXOS Software\r\nTo help customers determine their exposure to vulnerabilities in Cisco FXOS Software, Cisco provides the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"]. This tool identifies any Cisco security advisories that impact a specific software release and the earliest release that fixes the vulnerabilities that are described in each advisory (\u201cFirst Fixed\u201d). If applicable, the tool also returns the earliest release that fixes all the vulnerabilities that are described in all the advisories that the Software Checker identifies (\u201cCombined First Fixed\u201d).\r\n\r\nTo use the tool, go to the Cisco Software Checker [\"https://sec.cloudapps.cisco.com/security/center/softwarechecker.x\"] page and follow the instructions. Alternatively, use the following form to search for vulnerabilities that affect a specific software release. To use the form, follow these steps:\r\n\r\nChoose which advisories the tool will search\u2014only this advisory, only advisories with a Critical or High Security Impact Rating (SIR) [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr\"], or all advisories.\r\nChoose the appropriate platform.\r\nEnter a release number\u2014for example, 2.9.1.158 for Cisco Firepower 4100 Series Security Appliances.\r\nClick Check.\r\n\r\n        Only this advisory  All Critical and High advisories  All advisories    Any Platform  Firepower 4100 Series  Firepower 9000 Series\r\n\r\n\r\n\r\n\r\n   Cisco UCS Software\r\nAt the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.\r\n\r\nThe left column lists Cisco software releases, and the right column indicates whether a release was affected by the vulnerability described in this advisory and which release included the fix for this vulnerability.\r\n        Cisco UCS Software Release  First Fixed Release          Earlier than 4.0  Migrate to a fixed release.      4.0  Migrate to a fixed release.      4.1  Migrate to a fixed release.      4.2  4.2(3d)\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "Cisco would like to thank the following security researchers for independently reporting this vulnerability:\r\n\r\nOdd Rune Dahle of the Norwegian Tax Authority\r\nNate McDonald, Senior Security Consultant of GreenPages",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
      },
      {
        "category": "external",
        "summary": "Cisco Event Response: February 2023 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication",
        "url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75057"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "considering software upgrades",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Cisco\u0026nbsp;Security Advisories page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "Cisco Software Checker",
        "url": "https://sec.cloudapps.cisco.com/security/center/softwarechecker.x"
      },
      {
        "category": "external",
        "summary": "Security Impact Rating (SIR)",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#asr"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
    "tracking": {
      "current_release_date": "2023-03-24T18:16:56+00:00",
      "generator": {
        "date": "2024-05-10T23:22:00+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-ucsm-bkpsky-H8FCQgsA",
      "initial_release_date": "2023-02-22T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2023-02-22T15:50:32+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        },
        {
          "date": "2023-03-24T18:16:56+00:00",
          "number": "1.1.0",
          "summary": "Updated fixed release table."
        }
      ],
      "status": "final",
      "version": "1.1.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_family",
            "name": "Cisco Unified Computing System (Managed)",
            "product": {
              "name": "Cisco Unified Computing System (Managed) ",
              "product_id": "CSAFPID-112776"
            }
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "2.2.1.63",
                    "product": {
                      "name": "2.2.1.63",
                      "product_id": "CSAFPID-253492"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.1.66",
                    "product": {
                      "name": "2.2.1.66",
                      "product_id": "CSAFPID-253493"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.1.70",
                    "product": {
                      "name": "2.2.1.70",
                      "product_id": "CSAFPID-253494"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.17",
                    "product": {
                      "name": "2.2.2.17",
                      "product_id": "CSAFPID-253495"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.19",
                    "product": {
                      "name": "2.2.2.19",
                      "product_id": "CSAFPID-253496"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.24",
                    "product": {
                      "name": "2.2.2.24",
                      "product_id": "CSAFPID-253497"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.26",
                    "product": {
                      "name": "2.2.2.26",
                      "product_id": "CSAFPID-253498"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.28",
                    "product": {
                      "name": "2.2.2.28",
                      "product_id": "CSAFPID-253499"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.54",
                    "product": {
                      "name": "2.2.2.54",
                      "product_id": "CSAFPID-253500"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.60",
                    "product": {
                      "name": "2.2.2.60",
                      "product_id": "CSAFPID-253501"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.71",
                    "product": {
                      "name": "2.2.2.71",
                      "product_id": "CSAFPID-253502"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.83",
                    "product": {
                      "name": "2.2.2.83",
                      "product_id": "CSAFPID-253503"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.86",
                    "product": {
                      "name": "2.2.2.86",
                      "product_id": "CSAFPID-253504"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.91",
                    "product": {
                      "name": "2.2.2.91",
                      "product_id": "CSAFPID-273567"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.97",
                    "product": {
                      "name": "2.2.2.97",
                      "product_id": "CSAFPID-273568"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.101",
                    "product": {
                      "name": "2.2.2.101",
                      "product_id": "CSAFPID-273569"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.137",
                    "product": {
                      "name": "2.2.2.137",
                      "product_id": "CSAFPID-280408"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.148",
                    "product": {
                      "name": "2.2.2.148",
                      "product_id": "CSAFPID-283753"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.2.2.149",
                    "product": {
                      "name": "2.2.2.149",
                      "product_id": "CSAFPID-283805"
                    }
                  }
                ],
                "category": "product_version",
                "name": "2.2"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "2.3.1.99",
                    "product": {
                      "name": "2.3.1.99",
                      "product_id": "CSAFPID-256167"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.93",
                    "product": {
                      "name": "2.3.1.93",
                      "product_id": "CSAFPID-256168"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.91",
                    "product": {
                      "name": "2.3.1.91",
                      "product_id": "CSAFPID-256169"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.88",
                    "product": {
                      "name": "2.3.1.88",
                      "product_id": "CSAFPID-256170"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.75",
                    "product": {
                      "name": "2.3.1.75",
                      "product_id": "CSAFPID-256171"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.73",
                    "product": {
                      "name": "2.3.1.73",
                      "product_id": "CSAFPID-256172"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.66",
                    "product": {
                      "name": "2.3.1.66",
                      "product_id": "CSAFPID-256173"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.58",
                    "product": {
                      "name": "2.3.1.58",
                      "product_id": "CSAFPID-256174"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.130",
                    "product": {
                      "name": "2.3.1.130",
                      "product_id": "CSAFPID-256175"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.111",
                    "product": {
                      "name": "2.3.1.111",
                      "product_id": "CSAFPID-256176"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.110",
                    "product": {
                      "name": "2.3.1.110",
                      "product_id": "CSAFPID-256177"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.144",
                    "product": {
                      "name": "2.3.1.144",
                      "product_id": "CSAFPID-271836"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.145",
                    "product": {
                      "name": "2.3.1.145",
                      "product_id": "CSAFPID-271837"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.155",
                    "product": {
                      "name": "2.3.1.155",
                      "product_id": "CSAFPID-271838"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.166",
                    "product": {
                      "name": "2.3.1.166",
                      "product_id": "CSAFPID-271839"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.173",
                    "product": {
                      "name": "2.3.1.173",
                      "product_id": "CSAFPID-276492"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.179",
                    "product": {
                      "name": "2.3.1.179",
                      "product_id": "CSAFPID-279079"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.180",
                    "product": {
                      "name": "2.3.1.180",
                      "product_id": "CSAFPID-279082"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.56",
                    "product": {
                      "name": "2.3.1.56",
                      "product_id": "CSAFPID-279083"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.190",
                    "product": {
                      "name": "2.3.1.190",
                      "product_id": "CSAFPID-280933"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.215",
                    "product": {
                      "name": "2.3.1.215",
                      "product_id": "CSAFPID-283751"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.216",
                    "product": {
                      "name": "2.3.1.216",
                      "product_id": "CSAFPID-283806"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.219",
                    "product": {
                      "name": "2.3.1.219",
                      "product_id": "CSAFPID-286446"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "2.3.1.230",
                    "product": {
                      "name": "2.3.1.230",
                      "product_id": "CSAFPID-289299"
                    }
                  }
                ],
                "category": "product_version",
                "name": "2.3"
              }
            ],
            "category": "product_family",
            "name": "Cisco Firepower Extensible Operating System (FXOS)"
          },
          {
            "category": "product_name",
            "name": "Cisco Firepower 9000 Series",
            "product": {
              "name": "Cisco Firepower 9000 Series",
              "product_id": "CSAFPID-277440"
            }
          },
          {
            "category": "product_name",
            "name": "Cisco Firepower 4100 Series",
            "product": {
              "name": "Cisco Firepower 4100 Series",
              "product_id": "CSAFPID-277441"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.63 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253492:277440"
        },
        "product_reference": "CSAFPID-253492",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.63 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253492:277441"
        },
        "product_reference": "CSAFPID-253492",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.66 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253493:277440"
        },
        "product_reference": "CSAFPID-253493",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.66 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253493:277441"
        },
        "product_reference": "CSAFPID-253493",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.70 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253494:277440"
        },
        "product_reference": "CSAFPID-253494",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.1.70 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253494:277441"
        },
        "product_reference": "CSAFPID-253494",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.17 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253495:277440"
        },
        "product_reference": "CSAFPID-253495",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.17 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253495:277441"
        },
        "product_reference": "CSAFPID-253495",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.19 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253496:277440"
        },
        "product_reference": "CSAFPID-253496",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.19 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253496:277441"
        },
        "product_reference": "CSAFPID-253496",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.24 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253497:277440"
        },
        "product_reference": "CSAFPID-253497",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.24 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253497:277441"
        },
        "product_reference": "CSAFPID-253497",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.26 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253498:277440"
        },
        "product_reference": "CSAFPID-253498",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.26 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253498:277441"
        },
        "product_reference": "CSAFPID-253498",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.28 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253499:277440"
        },
        "product_reference": "CSAFPID-253499",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.28 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253499:277441"
        },
        "product_reference": "CSAFPID-253499",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.54 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253500:277440"
        },
        "product_reference": "CSAFPID-253500",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.54 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253500:277441"
        },
        "product_reference": "CSAFPID-253500",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.60 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253501:277440"
        },
        "product_reference": "CSAFPID-253501",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.60 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253501:277441"
        },
        "product_reference": "CSAFPID-253501",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.71 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253502:277440"
        },
        "product_reference": "CSAFPID-253502",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.71 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253502:277441"
        },
        "product_reference": "CSAFPID-253502",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.83 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253503:277440"
        },
        "product_reference": "CSAFPID-253503",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.83 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253503:277441"
        },
        "product_reference": "CSAFPID-253503",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.86 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-253504:277440"
        },
        "product_reference": "CSAFPID-253504",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.86 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-253504:277441"
        },
        "product_reference": "CSAFPID-253504",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.91 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-273567:277440"
        },
        "product_reference": "CSAFPID-273567",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.91 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-273567:277441"
        },
        "product_reference": "CSAFPID-273567",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.97 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-273568:277440"
        },
        "product_reference": "CSAFPID-273568",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.97 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-273568:277441"
        },
        "product_reference": "CSAFPID-273568",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.101 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-273569:277440"
        },
        "product_reference": "CSAFPID-273569",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.101 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-273569:277441"
        },
        "product_reference": "CSAFPID-273569",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.137 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-280408:277440"
        },
        "product_reference": "CSAFPID-280408",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.137 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-280408:277441"
        },
        "product_reference": "CSAFPID-280408",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.148 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-283753:277440"
        },
        "product_reference": "CSAFPID-283753",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.148 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-283753:277441"
        },
        "product_reference": "CSAFPID-283753",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.149 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-283805:277440"
        },
        "product_reference": "CSAFPID-283805",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.2.2.149 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-283805:277441"
        },
        "product_reference": "CSAFPID-283805",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.99 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256167:277440"
        },
        "product_reference": "CSAFPID-256167",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.99 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256167:277441"
        },
        "product_reference": "CSAFPID-256167",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.93 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256168:277440"
        },
        "product_reference": "CSAFPID-256168",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.93 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256168:277441"
        },
        "product_reference": "CSAFPID-256168",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.91 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256169:277440"
        },
        "product_reference": "CSAFPID-256169",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.91 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256169:277441"
        },
        "product_reference": "CSAFPID-256169",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.88 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256170:277440"
        },
        "product_reference": "CSAFPID-256170",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.88 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256170:277441"
        },
        "product_reference": "CSAFPID-256170",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.75 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256171:277440"
        },
        "product_reference": "CSAFPID-256171",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.75 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256171:277441"
        },
        "product_reference": "CSAFPID-256171",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.73 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256172:277440"
        },
        "product_reference": "CSAFPID-256172",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.73 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256172:277441"
        },
        "product_reference": "CSAFPID-256172",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.66 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256173:277440"
        },
        "product_reference": "CSAFPID-256173",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.66 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256173:277441"
        },
        "product_reference": "CSAFPID-256173",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.58 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256174:277440"
        },
        "product_reference": "CSAFPID-256174",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.58 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256174:277441"
        },
        "product_reference": "CSAFPID-256174",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.130 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256175:277440"
        },
        "product_reference": "CSAFPID-256175",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.130 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256175:277441"
        },
        "product_reference": "CSAFPID-256175",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.111 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256176:277440"
        },
        "product_reference": "CSAFPID-256176",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.111 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256176:277441"
        },
        "product_reference": "CSAFPID-256176",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.110 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-256177:277440"
        },
        "product_reference": "CSAFPID-256177",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.110 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-256177:277441"
        },
        "product_reference": "CSAFPID-256177",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.144 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-271836:277440"
        },
        "product_reference": "CSAFPID-271836",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.144 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-271836:277441"
        },
        "product_reference": "CSAFPID-271836",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.145 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-271837:277440"
        },
        "product_reference": "CSAFPID-271837",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.145 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-271837:277441"
        },
        "product_reference": "CSAFPID-271837",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.155 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-271838:277440"
        },
        "product_reference": "CSAFPID-271838",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.155 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-271838:277441"
        },
        "product_reference": "CSAFPID-271838",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.166 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-271839:277440"
        },
        "product_reference": "CSAFPID-271839",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.166 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-271839:277441"
        },
        "product_reference": "CSAFPID-271839",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.173 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-276492:277440"
        },
        "product_reference": "CSAFPID-276492",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.173 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-276492:277441"
        },
        "product_reference": "CSAFPID-276492",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.179 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-279079:277440"
        },
        "product_reference": "CSAFPID-279079",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.179 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-279079:277441"
        },
        "product_reference": "CSAFPID-279079",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.180 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-279082:277440"
        },
        "product_reference": "CSAFPID-279082",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.180 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-279082:277441"
        },
        "product_reference": "CSAFPID-279082",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.56 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-279083:277440"
        },
        "product_reference": "CSAFPID-279083",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.56 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-279083:277441"
        },
        "product_reference": "CSAFPID-279083",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.190 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-280933:277440"
        },
        "product_reference": "CSAFPID-280933",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.190 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-280933:277441"
        },
        "product_reference": "CSAFPID-280933",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.215 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-283751:277440"
        },
        "product_reference": "CSAFPID-283751",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.215 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-283751:277441"
        },
        "product_reference": "CSAFPID-283751",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.216 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-283806:277440"
        },
        "product_reference": "CSAFPID-283806",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.216 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-283806:277441"
        },
        "product_reference": "CSAFPID-283806",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.219 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-286446:277440"
        },
        "product_reference": "CSAFPID-286446",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.219 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-286446:277441"
        },
        "product_reference": "CSAFPID-286446",
        "relates_to_product_reference": "CSAFPID-277441"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.230 when installed on Cisco Firepower 9000 Series",
          "product_id": "CSAFPID-289299:277440"
        },
        "product_reference": "CSAFPID-289299",
        "relates_to_product_reference": "CSAFPID-277440"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Cisco Firepower Extensible Operating System (FXOS) 2.3.1.230 when installed on Cisco Firepower 4100 Series",
          "product_id": "CSAFPID-289299:277441"
        },
        "product_reference": "CSAFPID-289299",
        "relates_to_product_reference": "CSAFPID-277441"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-20016",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwc01592"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCvm53827"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-112776",
          "CSAFPID-253492:277440",
          "CSAFPID-253492:277441",
          "CSAFPID-253493:277440",
          "CSAFPID-253493:277441",
          "CSAFPID-253494:277440",
          "CSAFPID-253494:277441",
          "CSAFPID-253495:277440",
          "CSAFPID-253495:277441",
          "CSAFPID-253496:277440",
          "CSAFPID-253496:277441",
          "CSAFPID-253497:277440",
          "CSAFPID-253497:277441",
          "CSAFPID-253498:277440",
          "CSAFPID-253498:277441",
          "CSAFPID-253499:277440",
          "CSAFPID-253499:277441",
          "CSAFPID-253500:277440",
          "CSAFPID-253500:277441",
          "CSAFPID-253501:277440",
          "CSAFPID-253501:277441",
          "CSAFPID-253502:277440",
          "CSAFPID-253502:277441",
          "CSAFPID-253503:277440",
          "CSAFPID-253503:277441",
          "CSAFPID-253504:277440",
          "CSAFPID-253504:277441",
          "CSAFPID-256167:277440",
          "CSAFPID-256167:277441",
          "CSAFPID-256168:277440",
          "CSAFPID-256168:277441",
          "CSAFPID-256169:277440",
          "CSAFPID-256169:277441",
          "CSAFPID-256170:277440",
          "CSAFPID-256170:277441",
          "CSAFPID-256171:277440",
          "CSAFPID-256171:277441",
          "CSAFPID-256172:277440",
          "CSAFPID-256172:277441",
          "CSAFPID-256173:277440",
          "CSAFPID-256173:277441",
          "CSAFPID-256174:277440",
          "CSAFPID-256174:277441",
          "CSAFPID-256175:277440",
          "CSAFPID-256175:277441",
          "CSAFPID-256176:277440",
          "CSAFPID-256176:277441",
          "CSAFPID-256177:277440",
          "CSAFPID-256177:277441",
          "CSAFPID-271836:277440",
          "CSAFPID-271836:277441",
          "CSAFPID-271837:277440",
          "CSAFPID-271837:277441",
          "CSAFPID-271838:277440",
          "CSAFPID-271838:277441",
          "CSAFPID-271839:277440",
          "CSAFPID-271839:277441",
          "CSAFPID-273567:277440",
          "CSAFPID-273567:277441",
          "CSAFPID-273568:277440",
          "CSAFPID-273568:277441",
          "CSAFPID-273569:277440",
          "CSAFPID-273569:277441",
          "CSAFPID-276492:277440",
          "CSAFPID-276492:277441",
          "CSAFPID-279079:277440",
          "CSAFPID-279079:277441",
          "CSAFPID-279082:277440",
          "CSAFPID-279082:277441",
          "CSAFPID-279083:277440",
          "CSAFPID-279083:277441",
          "CSAFPID-280408:277440",
          "CSAFPID-280408:277441",
          "CSAFPID-280933:277440",
          "CSAFPID-280933:277441",
          "CSAFPID-283751:277440",
          "CSAFPID-283751:277441",
          "CSAFPID-283753:277440",
          "CSAFPID-283753:277441",
          "CSAFPID-283805:277440",
          "CSAFPID-283805:277441",
          "CSAFPID-283806:277440",
          "CSAFPID-283806:277441",
          "CSAFPID-286446:277440",
          "CSAFPID-286446:277441",
          "CSAFPID-289299:277440",
          "CSAFPID-289299:277441"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-112776",
            "CSAFPID-253492:277440",
            "CSAFPID-253492:277441",
            "CSAFPID-253493:277440",
            "CSAFPID-253493:277441",
            "CSAFPID-253494:277440",
            "CSAFPID-253494:277441",
            "CSAFPID-253495:277440",
            "CSAFPID-253495:277441",
            "CSAFPID-253496:277440",
            "CSAFPID-253496:277441",
            "CSAFPID-253497:277440",
            "CSAFPID-253497:277441",
            "CSAFPID-253498:277440",
            "CSAFPID-253498:277441",
            "CSAFPID-253499:277440",
            "CSAFPID-253499:277441",
            "CSAFPID-253500:277440",
            "CSAFPID-253500:277441",
            "CSAFPID-253501:277440",
            "CSAFPID-253501:277441",
            "CSAFPID-253502:277440",
            "CSAFPID-253502:277441",
            "CSAFPID-253503:277440",
            "CSAFPID-253503:277441",
            "CSAFPID-253504:277440",
            "CSAFPID-253504:277441",
            "CSAFPID-256167:277440",
            "CSAFPID-256167:277441",
            "CSAFPID-256168:277440",
            "CSAFPID-256168:277441",
            "CSAFPID-256169:277440",
            "CSAFPID-256169:277441",
            "CSAFPID-256170:277440",
            "CSAFPID-256170:277441",
            "CSAFPID-256171:277440",
            "CSAFPID-256171:277441",
            "CSAFPID-256172:277440",
            "CSAFPID-256172:277441",
            "CSAFPID-256173:277440",
            "CSAFPID-256173:277441",
            "CSAFPID-256174:277440",
            "CSAFPID-256174:277441",
            "CSAFPID-256175:277440",
            "CSAFPID-256175:277441",
            "CSAFPID-256176:277440",
            "CSAFPID-256176:277441",
            "CSAFPID-256177:277440",
            "CSAFPID-256177:277441",
            "CSAFPID-271836:277440",
            "CSAFPID-271836:277441",
            "CSAFPID-271837:277440",
            "CSAFPID-271837:277441",
            "CSAFPID-271838:277440",
            "CSAFPID-271838:277441",
            "CSAFPID-271839:277440",
            "CSAFPID-271839:277441",
            "CSAFPID-273567:277440",
            "CSAFPID-273567:277441",
            "CSAFPID-273568:277440",
            "CSAFPID-273568:277441",
            "CSAFPID-273569:277440",
            "CSAFPID-273569:277441",
            "CSAFPID-276492:277440",
            "CSAFPID-276492:277441",
            "CSAFPID-279079:277440",
            "CSAFPID-279079:277441",
            "CSAFPID-279082:277440",
            "CSAFPID-279082:277441",
            "CSAFPID-279083:277440",
            "CSAFPID-279083:277441",
            "CSAFPID-280408:277440",
            "CSAFPID-280408:277441",
            "CSAFPID-280933:277440",
            "CSAFPID-280933:277441",
            "CSAFPID-283751:277440",
            "CSAFPID-283751:277441",
            "CSAFPID-283753:277440",
            "CSAFPID-283753:277441",
            "CSAFPID-283805:277440",
            "CSAFPID-283805:277441",
            "CSAFPID-283806:277440",
            "CSAFPID-283806:277441",
            "CSAFPID-286446:277440",
            "CSAFPID-286446:277441",
            "CSAFPID-289299:277440",
            "CSAFPID-289299:277441"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-112776",
            "CSAFPID-253492:277440",
            "CSAFPID-253492:277441",
            "CSAFPID-253493:277440",
            "CSAFPID-253493:277441",
            "CSAFPID-253494:277440",
            "CSAFPID-253494:277441",
            "CSAFPID-253495:277440",
            "CSAFPID-253495:277441",
            "CSAFPID-253496:277440",
            "CSAFPID-253496:277441",
            "CSAFPID-253497:277440",
            "CSAFPID-253497:277441",
            "CSAFPID-253498:277440",
            "CSAFPID-253498:277441",
            "CSAFPID-253499:277440",
            "CSAFPID-253499:277441",
            "CSAFPID-253500:277440",
            "CSAFPID-253500:277441",
            "CSAFPID-253501:277440",
            "CSAFPID-253501:277441",
            "CSAFPID-253502:277440",
            "CSAFPID-253502:277441",
            "CSAFPID-253503:277440",
            "CSAFPID-253503:277441",
            "CSAFPID-253504:277440",
            "CSAFPID-253504:277441",
            "CSAFPID-256167:277440",
            "CSAFPID-256167:277441",
            "CSAFPID-256168:277440",
            "CSAFPID-256168:277441",
            "CSAFPID-256169:277440",
            "CSAFPID-256169:277441",
            "CSAFPID-256170:277440",
            "CSAFPID-256170:277441",
            "CSAFPID-256171:277440",
            "CSAFPID-256171:277441",
            "CSAFPID-256172:277440",
            "CSAFPID-256172:277441",
            "CSAFPID-256173:277440",
            "CSAFPID-256173:277441",
            "CSAFPID-256174:277440",
            "CSAFPID-256174:277441",
            "CSAFPID-256175:277440",
            "CSAFPID-256175:277441",
            "CSAFPID-256176:277440",
            "CSAFPID-256176:277441",
            "CSAFPID-256177:277440",
            "CSAFPID-256177:277441",
            "CSAFPID-271836:277440",
            "CSAFPID-271836:277441",
            "CSAFPID-271837:277440",
            "CSAFPID-271837:277441",
            "CSAFPID-271838:277440",
            "CSAFPID-271838:277441",
            "CSAFPID-271839:277440",
            "CSAFPID-271839:277441",
            "CSAFPID-273567:277440",
            "CSAFPID-273567:277441",
            "CSAFPID-273568:277440",
            "CSAFPID-273568:277441",
            "CSAFPID-273569:277440",
            "CSAFPID-273569:277441",
            "CSAFPID-276492:277440",
            "CSAFPID-276492:277441",
            "CSAFPID-279079:277440",
            "CSAFPID-279079:277441",
            "CSAFPID-279082:277440",
            "CSAFPID-279082:277441",
            "CSAFPID-279083:277440",
            "CSAFPID-279083:277441",
            "CSAFPID-280408:277440",
            "CSAFPID-280408:277441",
            "CSAFPID-280933:277440",
            "CSAFPID-280933:277441",
            "CSAFPID-283751:277440",
            "CSAFPID-283751:277441",
            "CSAFPID-283753:277440",
            "CSAFPID-283753:277441",
            "CSAFPID-283805:277440",
            "CSAFPID-283805:277441",
            "CSAFPID-283806:277440",
            "CSAFPID-283806:277441",
            "CSAFPID-286446:277440",
            "CSAFPID-286446:277441",
            "CSAFPID-289299:277440",
            "CSAFPID-289299:277441"
          ]
        }
      ],
      "title": "Cisco UCS Manager Software Configuration Backup Static Key Vulnerability"
    }
  ]
}

GSD-2023-20016

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-20016

Aliases

CVE-2023-20016

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-20016",
    "id": "GSD-2023-20016"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-20016"
      ],
      "details": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.",
      "id": "GSD-2023-20016",
      "modified": "2023-12-13T01:20:28.706742Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2023-02-23T00:00:00",
        "ID": "CVE-2023-20016",
        "STATE": "PUBLIC",
        "TITLE": "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Unified Computing System (Managed) ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "6.3",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-321"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
            "refsource": "CISCO",
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-ucsm-bkpsky-H8FCQgsA",
        "defect": [
          [
            "CSCvm53827",
            "CSCwc01592"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "4.2\\(3c\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.6.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2023-20016"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-330"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.0,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2023-03-13T16:29Z",
      "publishedDate": "2023-02-23T20:15Z"
    }
  }
}

FKIE_CVE-2023-20016

Vulnerability from fkie_nvd - Published: 2023-02-23 20:15 - Updated: 2024-11-21 07:40

Severity ?

6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ucs_central_software	*
cisco	ucs_6536_firmware	-
cisco	ucs_6536	-
cisco	ucs_central_software	*
cisco	ucs_64108_firmware	-
cisco	ucs_64108	-
cisco	ucs_central_software	*
cisco	ucs_6454_firmware	-
cisco	ucs_6454	-
cisco	ucs_central_software	*
cisco	ucs_6200_firmware	-
cisco	ucs_6200	-
cisco	ucs_central_software	*
cisco	ucs_6248up_firmware	-
cisco	ucs_6248up	-
cisco	ucs_central_software	*
cisco	ucs_6296up_firmware	-
cisco	ucs_6296up	-
cisco	ucs_central_software	*
cisco	ucs_6300_firmware	-
cisco	ucs_6300	-
cisco	ucs_central_software	*
cisco	ucs_6324_firmware	-
cisco	ucs_6324	-
cisco	ucs_central_software	*
cisco	ucs_6332_firmware	-
cisco	ucs_6332	-
cisco	ucs_central_software	*
cisco	ucs_6332-16up_firmware	-
cisco	ucs_6332-16up	-
cisco	fxos	*
cisco	firepower_4100	-
cisco	firepower_4110	-
cisco	firepower_4112	-
cisco	firepower_4115	-
cisco	firepower_4120	-
cisco	firepower_4125	-
cisco	firepower_4140	-
cisco	firepower_4145	-
cisco	firepower_4150	-
cisco	firepower_9300_sm-24	-
cisco	firepower_9300_sm-36	-
cisco	firepower_9300_sm-40	-
cisco	firepower_9300_sm-44	-
cisco	firepower_9300_sm-44_x_3	-
cisco	firepower_9300_sm-48	-
cisco	firepower_9300_sm-56	-
cisco	firepower_9300_sm-56_x_3	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "834E1736-9E8D-476A-ADA9-EB81BEB8DC6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CF884E9-68AA-44F7-A551-F7D7DF2378DB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "085034AF-4825-4E06-BCBD-6F0D80959A26",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD99394-5B1B-49FB-9085-3D92E4DBF1A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B96E5C-CC27-4020-93CE-413B95DCABB0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE37430-9711-443E-BF69-CAAEDD2A0E45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E325ADE-5098-4C1B-82FB-CB04DDB68A2A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "192B4BF0-A6E4-4241-8E30-48CAE65203F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D87F40-279D-46BD-9A1E-B980E9DDD24D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "148B3732-6F6C-4865-8FCC-A215883BEEC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E406DDCE-6753-43E9-B6F0-7A038DE84E41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15",
              "versionEndExcluding": "4.2\\(3c\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "027A27D8-DD06-420A-BCDC-553641F5CC83",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "054D8EB2-97A3-4725-9DFF-27A4D231D90A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC22C69D-7B86-4ED8-87AA-D259D026CA6B",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18048A84-BA0F-48EF-AFFB-635FF7F70C66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "317DF3DD-C7CD-4CA2-804F-A738E048BEB4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13CF29B-9308-452B-B7E0-9E818B5A6C1E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB527C2-855E-4BB9-BCA7-94BE86100D44",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82C1B05-990D-49D2-B80A-C3EDD4082840",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "421D91C3-8AB3-45E1-9E55-13ED1A4A623E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D741945-8B0A-408D-A5FE-D5B38DC6D46A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9308CA67-E949-4338-A890-22B3C4428D70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials."
    }
  ],
  "id": "CVE-2023-20016",
  "lastModified": "2024-11-21T07:40:20.983",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 4.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-23T20:15:13.407",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-321"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-330"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2023-0464

Vulnerability from csaf_certbund - Published: 2023-02-22 23:00 - Updated: 2023-02-22 23:00

Summary

Cisco Produkte: Schwachstelle ermöglicht Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Firepower ist eine Firewall-Plattform von Cisco Das Cisco Unified Communications System integriert Sprach-, Video- und andere kollaborative Anwendungen in intelligente netzwerkbasierte Kommunikationslösungen. FXOS (FirePOWER eXtensible Operating System) ist ein Betriebssystem für Cisco Firepower Appliances Cisco NX-OS ist ein Data Center Netzwerk-Betriebssystem für virtualisierte Rechenzentren. NX-OS wurde für Ethernet Switches der Nexus Serie und Fibre Channel Storage Area Network Swiches der MDS Serie entwickelt.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Cisco Firepower, Cisco Unified Communications System, Cisco FXOS und Cisco NX-OS ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- CISCO Appliance

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Firepower ist eine Firewall-Plattform von Cisco\r\nDas Cisco Unified Communications System integriert Sprach-, Video- und andere kollaborative Anwendungen in intelligente netzwerkbasierte Kommunikationsl\u00f6sungen.\r\nFXOS (FirePOWER eXtensible Operating System) ist ein Betriebssystem f\u00fcr Cisco Firepower Appliances\r\nCisco NX-OS ist ein Data Center Netzwerk-Betriebssystem f\u00fcr virtualisierte Rechenzentren. NX-OS wurde f\u00fcr Ethernet Switches der Nexus Serie und Fibre Channel Storage Area Network Swiches der MDS Serie entwickelt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Cisco Firepower, Cisco Unified Communications System, Cisco FXOS und Cisco NX-OS ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- CISCO Appliance",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0464 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0464.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0464 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0464"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisory vom 2023-02-22",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA"
      }
    ],
    "source_lang": "en-US",
    "title": "Cisco Produkte: Schwachstelle erm\u00f6glicht Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2023-02-22T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:44:43.681+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0464",
      "initial_release_date": "2023-02-22T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-02-22T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Cisco FXOS",
            "product": {
              "name": "Cisco FXOS",
              "product_id": "660564",
              "product_identification_helper": {
                "cpe": "cpe:/o:cisco:fxos:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Cisco Firepower 4100",
                "product": {
                  "name": "Cisco Firepower 4100",
                  "product_id": "T013710",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:firepower:4100"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Firepower 9300",
                "product": {
                  "name": "Cisco Firepower 9300",
                  "product_id": "T013711",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:firepower:9300"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Firepower"
          },
          {
            "category": "product_name",
            "name": "Cisco NX-OS",
            "product": {
              "name": "Cisco NX-OS",
              "product_id": "T000310",
              "product_identification_helper": {
                "cpe": "cpe:/o:cisco:nx-os:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Cisco Unified Communications System 6200",
                "product": {
                  "name": "Cisco Unified Communications System 6200",
                  "product_id": "T026481",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:unified_communications_system:6200"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Unified Communications System 6300",
                "product": {
                  "name": "Cisco Unified Communications System 6300",
                  "product_id": "T026482",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:unified_communications_system:6300"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Unified Communications System 6400",
                "product": {
                  "name": "Cisco Unified Communications System 6400",
                  "product_id": "T026483",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:unified_communications_system:6400"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Cisco Unified Communications System 6500",
                "product": {
                  "name": "Cisco Unified Communications System 6500",
                  "product_id": "T026484",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cisco:unified_communications_system:6500"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Unified Communications System"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-20016",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Cisco Firepower, Cisco Unified Communications System, Cisco FXOS und Cisco NX-OS. Der Fehler besteht aufgrund einer Schw\u00e4che in der Verschl\u00fcsselungsmethode, die f\u00fcr die Backup-Funktion verwendet wird. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T026481",
          "T026483",
          "T026482",
          "T013710",
          "660564",
          "T013711",
          "T000310",
          "T026484"
        ]
      },
      "release_date": "2023-02-22T23:00:00.000+00:00",
      "title": "CVE-2023-20016"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-20016 (GCVE-0-2023-20016)

GHSA-XJ38-CQQV-5F7W

CISCO-SA-UCSM-BKPSKY-H8FCQGSA

GSD-2023-20016

FKIE_CVE-2023-20016

WID-SEC-W-2023-0464

Tags

Sightings

Nomenclature