cve-2023-20190
Vulnerability from cvelistv5
Published
2023-09-13 16:43
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device.
This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting.
There are workarounds that address this vulnerability.
This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .
References
▼ | URL | Tags | |
---|---|---|---|
ykramarz@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3 | Exploit, Vendor Advisory |
Impacted products
▼ | Vendor | Product |
---|---|---|
Cisco | Cisco IOS XR Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:05:35.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-comp3acl-vGmp6BQ3", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco IOS XR Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "5.2.0" }, { "status": "affected", "version": "5.2.1" }, { "status": "affected", "version": "5.2.2" }, { "status": "affected", "version": "5.2.4" }, { "status": "affected", "version": "5.2.3" }, { "status": "affected", "version": "5.2.5" }, { "status": "affected", "version": "5.2.47" }, { "status": "affected", "version": "5.3.0" }, { "status": "affected", "version": "5.3.1" }, { "status": "affected", "version": "5.3.2" }, { "status": "affected", "version": "5.3.3" }, { "status": "affected", "version": "5.3.4" }, { "status": "affected", "version": "6.0.0" }, { "status": "affected", "version": "6.0.1" }, { "status": "affected", "version": "6.0.2" }, { "status": "affected", "version": "6.1.1" }, { "status": "affected", "version": "6.1.2" }, { "status": "affected", "version": "6.1.3" }, { "status": "affected", "version": "6.1.4" }, { "status": "affected", "version": "6.1.12" }, { "status": "affected", "version": "6.1.22" }, { "status": "affected", "version": "6.1.32" }, { "status": "affected", "version": "6.1.36" }, { "status": "affected", "version": "6.1.42" }, { "status": "affected", "version": "6.2.1" }, { "status": "affected", "version": "6.2.2" }, { "status": "affected", "version": "6.2.3" }, { "status": "affected", "version": "6.2.25" }, { "status": "affected", "version": "6.2.11" }, { "status": "affected", "version": "6.3.2" }, { "status": "affected", "version": "6.3.3" }, { "status": "affected", "version": "6.3.15" }, { "status": "affected", "version": "6.4.1" }, { "status": "affected", "version": "6.4.2" }, { "status": "affected", "version": "6.4.3" }, { "status": "affected", "version": "6.5.1" }, { "status": "affected", "version": "6.5.2" }, { "status": "affected", "version": "6.5.3" }, { "status": "affected", "version": "6.5.25" }, { "status": "affected", "version": "6.5.26" }, { "status": "affected", "version": "6.5.28" }, { "status": "affected", "version": "6.5.29" }, { "status": "affected", "version": "6.5.32" }, { "status": "affected", "version": "6.5.33" }, { "status": "affected", "version": "6.6.2" }, { "status": "affected", "version": "6.6.3" }, { "status": "affected", "version": "6.6.25" }, { "status": "affected", "version": "6.6.4" }, { "status": "affected", "version": "7.0.1" }, { "status": "affected", "version": "7.0.2" }, { "status": "affected", "version": "7.0.12" }, { "status": "affected", "version": "7.0.14" }, { "status": "affected", "version": "7.1.1" }, { "status": "affected", "version": "7.1.15" }, { "status": "affected", "version": "7.1.2" }, { "status": "affected", "version": "7.1.3" }, { "status": "affected", "version": "6.7.1" }, { "status": "affected", "version": "6.7.2" }, { "status": "affected", "version": "6.7.3" }, { "status": "affected", "version": "6.7.4" }, { "status": "affected", "version": "7.2.0" }, { "status": "affected", "version": "7.2.1" }, { "status": "affected", "version": "7.2.2" }, { "status": "affected", "version": "7.3.1" }, { "status": "affected", "version": "7.3.15" }, { "status": "affected", "version": "7.3.2" }, { "status": "affected", "version": "7.3.3" }, { "status": "affected", "version": "7.4.1" }, { "status": "affected", "version": "7.4.2" }, { "status": "affected", "version": "6.8.1" }, { "status": "affected", "version": "6.8.2" }, { "status": "affected", "version": "7.5.1" }, { "status": "affected", "version": "7.5.3" }, { "status": "affected", "version": "7.5.2" }, { "status": "affected", "version": "7.6.1" }, { "status": "affected", "version": "7.6.2" }, { "status": "affected", "version": "7.7.1" }, { "status": "affected", "version": "7.7.2" }, { "status": "affected", "version": "6.9.1" }, { "status": "affected", "version": "6.9.2" }, { "status": "affected", "version": "7.8.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device.\r\n\r This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting.\r\n\r There are workarounds that address this vulnerability.\r\n\r \r\n\r \r This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication ." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-264", "description": "Permissions, Privileges, and Access Control", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:53.381Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-comp3acl-vGmp6BQ3", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3" } ], "source": { "advisory": "cisco-sa-comp3acl-vGmp6BQ3", "defects": [ "CSCwe08950" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20190", "datePublished": "2023-09-13T16:43:32.847Z", "dateReserved": "2022-10-27T18:47:50.364Z", "dateUpdated": "2024-08-02T09:05:35.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-20190\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2023-09-13T17:15:09.357\",\"lastModified\":\"2024-01-25T17:15:33.977\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device.\\r\\n\\r This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting.\\r\\n\\r There are workarounds that address this vulnerability.\\r\\n\\r \\r\\n\\r \\r This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la caracter\u00edstica de compresi\u00f3n de la cl\u00e1sica lista de control de acceso (ACL) del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado evite la protecci\u00f3n que ofrece una ACL configurada en un dispositivo afectado. Esta vulnerabilidad se debe a una codificaci\u00f3n incorrecta del rango de direcciones de destino en el m\u00f3dulo de compresi\u00f3n de una ACL que se aplica a una interfaz de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s del dispositivo afectado que la ACL configurada deber\u00eda denegar. Una explotaci\u00f3n existosa exitoso podr\u00eda permitir al atacante eludir las protecciones ACL configuradas en el dispositivo afectado, permiti\u00e9ndole acceder a redes confiables que el dispositivo podr\u00eda estar protegiendo. Existen workarounds que abordan esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2023 del paquete de avisos de seguridad del software Cisco IOS XR.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.3.5\",\"matchCriteriaId\":\"2149246C-67F1-442E-82B3-A2FD61096A3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.5\",\"versionEndExcluding\":\"7.5.4\",\"matchCriteriaId\":\"ED7F47DA-4B58-47D2-B913-82A5C415818B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.6\",\"versionEndExcluding\":\"7.8.2\",\"matchCriteriaId\":\"0130B9F9-A333-4C3A-A92B-139CE276F6EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD280E00-7BAC-4160-926A-09D87719585F\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.