CVE-2023-20236 (GCVE-0-2023-20236)
Vulnerability from cvelistv5 – Published: 2023-09-13 16:39 – Updated: 2024-10-23 19:10
VLAI?
Summary
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.
This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.
Severity ?
6.7 (Medium)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
5.2.0
Affected: 5.2.1 Affected: 5.2.2 Affected: 5.2.4 Affected: 5.2.3 Affected: 5.2.5 Affected: 5.2.47 Affected: 5.3.0 Affected: 5.3.1 Affected: 5.3.2 Affected: 5.3.3 Affected: 5.3.4 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 6.1.1 Affected: 6.1.2 Affected: 6.1.3 Affected: 6.1.4 Affected: 6.1.12 Affected: 6.1.22 Affected: 6.1.32 Affected: 6.1.36 Affected: 6.1.42 Affected: 6.2.1 Affected: 6.2.2 Affected: 6.2.3 Affected: 6.2.25 Affected: 6.2.11 Affected: 6.3.2 Affected: 6.3.3 Affected: 6.3.15 Affected: 6.4.1 Affected: 6.4.2 Affected: 6.4.3 Affected: 6.5.1 Affected: 6.5.2 Affected: 6.5.3 Affected: 6.5.25 Affected: 6.5.26 Affected: 6.5.28 Affected: 6.5.29 Affected: 6.5.32 Affected: 6.5.33 Affected: 6.6.2 Affected: 6.6.3 Affected: 6.6.25 Affected: 6.6.4 Affected: 7.0.1 Affected: 7.0.2 Affected: 7.0.12 Affected: 7.0.14 Affected: 7.1.1 Affected: 7.1.15 Affected: 7.1.2 Affected: 7.1.3 Affected: 6.7.1 Affected: 6.7.2 Affected: 6.7.3 Affected: 6.7.4 Affected: 7.2.0 Affected: 7.2.1 Affected: 7.2.2 Affected: 7.3.1 Affected: 7.3.15 Affected: 7.3.2 Affected: 7.3.3 Affected: 7.3.5 Affected: 7.4.1 Affected: 7.4.2 Affected: 6.8.1 Affected: 6.8.2 Affected: 7.5.1 Affected: 7.5.3 Affected: 7.5.2 Affected: 7.5.4 Affected: 7.6.1 Affected: 7.6.2 Affected: 7.7.1 Affected: 7.7.2 Affected: 7.7.21 Affected: 6.9.1 Affected: 6.9.2 Affected: 7.8.1 Affected: 7.8.2 Affected: 7.9.1 Affected: 7.9.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr_software",
"vendor": "cisco",
"versions": [
{
"lessThanOrEqual": "7.9.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20236",
"options": [
{
"Exploitation": "None"
},
{
"Automatable": "No"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:36:16.200980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T19:10:48.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "5.2.0"
},
{
"status": "affected",
"version": "5.2.1"
},
{
"status": "affected",
"version": "5.2.2"
},
{
"status": "affected",
"version": "5.2.4"
},
{
"status": "affected",
"version": "5.2.3"
},
{
"status": "affected",
"version": "5.2.5"
},
{
"status": "affected",
"version": "5.2.47"
},
{
"status": "affected",
"version": "5.3.0"
},
{
"status": "affected",
"version": "5.3.1"
},
{
"status": "affected",
"version": "5.3.2"
},
{
"status": "affected",
"version": "5.3.3"
},
{
"status": "affected",
"version": "5.3.4"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "6.1.4"
},
{
"status": "affected",
"version": "6.1.12"
},
{
"status": "affected",
"version": "6.1.22"
},
{
"status": "affected",
"version": "6.1.32"
},
{
"status": "affected",
"version": "6.1.36"
},
{
"status": "affected",
"version": "6.1.42"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "6.2.2"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.2.25"
},
{
"status": "affected",
"version": "6.2.11"
},
{
"status": "affected",
"version": "6.3.2"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "6.3.15"
},
{
"status": "affected",
"version": "6.4.1"
},
{
"status": "affected",
"version": "6.4.2"
},
{
"status": "affected",
"version": "6.4.3"
},
{
"status": "affected",
"version": "6.5.1"
},
{
"status": "affected",
"version": "6.5.2"
},
{
"status": "affected",
"version": "6.5.3"
},
{
"status": "affected",
"version": "6.5.25"
},
{
"status": "affected",
"version": "6.5.26"
},
{
"status": "affected",
"version": "6.5.28"
},
{
"status": "affected",
"version": "6.5.29"
},
{
"status": "affected",
"version": "6.5.32"
},
{
"status": "affected",
"version": "6.5.33"
},
{
"status": "affected",
"version": "6.6.2"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "6.6.25"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.12"
},
{
"status": "affected",
"version": "7.0.14"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.15"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "6.7.1"
},
{
"status": "affected",
"version": "6.7.2"
},
{
"status": "affected",
"version": "6.7.3"
},
{
"status": "affected",
"version": "6.7.4"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "6.8.1"
},
{
"status": "affected",
"version": "6.8.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "6.9.1"
},
{
"status": "affected",
"version": "6.9.2"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.9.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\r\n\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T19:50:10.951Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
}
],
"source": {
"advisory": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
"defects": [
"CSCvz63925",
"CSCvz63918",
"CSCwe12502",
"CSCvz63929",
"CSCwi31568",
"CSCwh78724",
"CSCwi26526",
"CSCwh70601",
"CSCwh78727",
"CSCwj83430",
"CSCwj88475"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20236",
"datePublished": "2023-09-13T16:39:19.418Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2024-10-23T19:10:48.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.10.1\", \"matchCriteriaId\": \"0F31C819-2725-4295-8FF3-BA00A7A6BE92\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A34DAD43-0C95-4830-8078-EFE3E6C0A930\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46F5CBF0-7F55-44C0-B321-896BDBA22679\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D381E343-416F-42AF-A780-D330954F238F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6655851F-58D9-49D9-A56E-8440A7F7BB45\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5E2AE67-DED3-4414-A194-386ADB2C8DC7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3920133A-684D-4A9F-B65A-FF4EAE5052E5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ED06361-5A68-4656-AEA5-240C290594CD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE2514A1-486C-40F7-8746-56E2B973CBE6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3FEF8271-315F-4756-931F-015F790BE693\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"324C97E6-1810-404F-9F45-6240F99FF039\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57EB55BB-41B7-40A1-B6F5-142FE8AB4C16\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"433F4A82-04A4-4EAA-8C19-F7581DCD8D29\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D5E60AB-94FF-448A-89D8-5D2197E21C74\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91474DBC-FB31-4DDF-96C5-311FA1D53A74\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA241214-2F05-4360-9B50-385355E29CF4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A93212A4-50AB-42E7-89A4-5FBBAEA050C3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDA53A61-98B3-458C-8893-61CD7D6B1E48\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F396564E-B477-4A27-A189-CEB737552E25\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5445CC54-ACFB-4070-AF26-F91FEAA85181\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49E7ED87-8AC0-4107-A7A5-F334236E2906\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F6E0FBE-70B7-413C-8943-39BEFE050298\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37AE5FB0-D9A6-4EBE-9F7F-243299AE918B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F40E779D-5865-4E4B-AE2D-CF1860BA19E2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC6A867F-E809-4CB5-82DB-2670CB0A6359\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41C5ECF8-EFFE-4C27-8DCB-2533BFD5200F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68C23248-3D61-4BAF-9602-BA31FB4374DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C36494B4-8E2D-4399-97B5-725792BD5C45\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0819EF17-5102-45FF-96AD-85BE17FD6921\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2A8C028-107B-4410-BCC6-5BCB8DB63603\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA13FE67-F4AE-46DF-921B-3FB91BDF742B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98622F14-CC47-45E0-85E4-A7243309487C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC7AE6C1-B7C6-4056-9719-B5CFF71970AD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D686F339-9406-4ADF-B124-C815D43E4CAA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A972EFE-4F7E-4BFC-8631-66A2D16B74A3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22FE69B4-DF27-46F1-8037-4B8D1F229C6B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F72AEF0-EE70-40F8-B52B-1390820B87BB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"603980FE-9865-4A71-A37C-A90B7F3B72D6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AC4E089-296D-4C19-BF21-DDF2501DD77C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43D21B01-A754-474F-8E46-14D733AB307E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17D6424C-972F-459C-B8F7-04FFD9F541BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB01E968-E838-4D3C-B603-BF7E4E0F8A2C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08864A59-0840-4407-8D30-9CE34BAF05E7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13EEDD1C-25BC-4AFA-AF60-66DE36927528\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CD3B06B-864E-4A35-B0C3-1654390022D2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD1B4F37-5AAA-4F40-8865-226289CB5CEB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"355F78C3-C07F-48C3-9B6E-55714EAA7331\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98F06B5D-6CE8-42C3-8760-89B4EF1FFC21\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\\r\\n\\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la funci\\u00f3n de arranque iPXE del software Cisco IOS XR podr\\u00eda permitir que un atacante local autenticado instale una imagen de software no verificada en un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\\u00f3n de imagen insuficiente. Un atacante podr\\u00eda aprovechar esta vulnerabilidad manipulando los par\\u00e1metros de arranque para la verificaci\\u00f3n de im\\u00e1genes durante el proceso de arranque iPXE en un dispositivo afectado. Una explotaci\\u00f3n exitosa podr\\u00eda permitir al atacante iniciar una imagen de software no verificada en el dispositivo afectado.\"}]",
"id": "CVE-2023-20236",
"lastModified": "2024-11-21T07:40:57.700",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2023-09-13T17:15:09.607",
"references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-345\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-20236\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2023-09-13T17:15:09.607\",\"lastModified\":\"2024-11-21T07:40:57.700\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\\r\\n\\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funci\u00f3n de arranque iPXE del software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado instale una imagen de software no verificada en un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de imagen insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando los par\u00e1metros de arranque para la verificaci\u00f3n de im\u00e1genes durante el proceso de arranque iPXE en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante iniciar una imagen de software no verificada en el dispositivo afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.10.1\",\"matchCriteriaId\":\"0F31C819-2725-4295-8FF3-BA00A7A6BE92\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A34DAD43-0C95-4830-8078-EFE3E6C0A930\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F5CBF0-7F55-44C0-B321-896BDBA22679\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D381E343-416F-42AF-A780-D330954F238F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6655851F-58D9-49D9-A56E-8440A7F7BB45\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5E2AE67-DED3-4414-A194-386ADB2C8DC7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3920133A-684D-4A9F-B65A-FF4EAE5052E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED06361-5A68-4656-AEA5-240C290594CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE2514A1-486C-40F7-8746-56E2B973CBE6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FEF8271-315F-4756-931F-015F790BE693\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"324C97E6-1810-404F-9F45-6240F99FF039\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57EB55BB-41B7-40A1-B6F5-142FE8AB4C16\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"433F4A82-04A4-4EAA-8C19-F7581DCD8D29\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D5E60AB-94FF-448A-89D8-5D2197E21C74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91474DBC-FB31-4DDF-96C5-311FA1D53A74\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA241214-2F05-4360-9B50-385355E29CF4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A93212A4-50AB-42E7-89A4-5FBBAEA050C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA53A61-98B3-458C-8893-61CD7D6B1E48\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F396564E-B477-4A27-A189-CEB737552E25\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5445CC54-ACFB-4070-AF26-F91FEAA85181\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E7ED87-8AC0-4107-A7A5-F334236E2906\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F6E0FBE-70B7-413C-8943-39BEFE050298\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37AE5FB0-D9A6-4EBE-9F7F-243299AE918B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40E779D-5865-4E4B-AE2D-CF1860BA19E2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6A867F-E809-4CB5-82DB-2670CB0A6359\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41C5ECF8-EFFE-4C27-8DCB-2533BFD5200F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C23248-3D61-4BAF-9602-BA31FB4374DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C36494B4-8E2D-4399-97B5-725792BD5C45\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0819EF17-5102-45FF-96AD-85BE17FD6921\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A8C028-107B-4410-BCC6-5BCB8DB63603\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA13FE67-F4AE-46DF-921B-3FB91BDF742B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98622F14-CC47-45E0-85E4-A7243309487C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC7AE6C1-B7C6-4056-9719-B5CFF71970AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D686F339-9406-4ADF-B124-C815D43E4CAA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A972EFE-4F7E-4BFC-8631-66A2D16B74A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22FE69B4-DF27-46F1-8037-4B8D1F229C6B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F72AEF0-EE70-40F8-B52B-1390820B87BB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"603980FE-9865-4A71-A37C-A90B7F3B72D6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC4E089-296D-4C19-BF21-DDF2501DD77C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43D21B01-A754-474F-8E46-14D733AB307E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D6424C-972F-459C-B8F7-04FFD9F541BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB01E968-E838-4D3C-B603-BF7E4E0F8A2C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08864A59-0840-4407-8D30-9CE34BAF05E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13EEDD1C-25BC-4AFA-AF60-66DE36927528\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD3B06B-864E-4A35-B0C3-1654390022D2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD1B4F37-5AAA-4F40-8865-226289CB5CEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"355F78C3-C07F-48C3-9B6E-55714EAA7331\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98F06B5D-6CE8-42C3-8760-89B4EF1FFC21\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"name\": \"cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T09:05:35.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-20236\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"None\"}, {\"Automatable\": \"No\"}, {\"Technical Impact\": \"Total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-11-15T16:36:16.200980Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"ios_xr_software\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.9.2\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-23T19:09:16.701Z\"}}], \"cna\": {\"source\": {\"defects\": [\"CSCvz63925\", \"CSCvz63918\", \"CSCwe12502\", \"CSCvz63929\", \"CSCwi31568\", \"CSCwh78724\", \"CSCwi26526\", \"CSCwh70601\", \"CSCwh78727\", \"CSCwj83430\", \"CSCwj88475\"], \"advisory\": \"cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XR Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.2.0\"}, {\"status\": \"affected\", \"version\": \"5.2.1\"}, {\"status\": \"affected\", \"version\": \"5.2.2\"}, {\"status\": \"affected\", \"version\": \"5.2.4\"}, {\"status\": \"affected\", \"version\": \"5.2.3\"}, {\"status\": \"affected\", \"version\": \"5.2.5\"}, {\"status\": \"affected\", \"version\": \"5.2.47\"}, {\"status\": \"affected\", \"version\": \"5.3.0\"}, {\"status\": \"affected\", \"version\": \"5.3.1\"}, {\"status\": \"affected\", \"version\": \"5.3.2\"}, {\"status\": \"affected\", \"version\": \"5.3.3\"}, {\"status\": \"affected\", \"version\": \"5.3.4\"}, {\"status\": \"affected\", \"version\": \"6.0.0\"}, {\"status\": \"affected\", \"version\": \"6.0.1\"}, {\"status\": \"affected\", \"version\": \"6.0.2\"}, {\"status\": \"affected\", \"version\": \"6.1.1\"}, {\"status\": \"affected\", \"version\": \"6.1.2\"}, {\"status\": \"affected\", \"version\": \"6.1.3\"}, {\"status\": \"affected\", \"version\": \"6.1.4\"}, {\"status\": \"affected\", \"version\": \"6.1.12\"}, {\"status\": \"affected\", \"version\": \"6.1.22\"}, {\"status\": \"affected\", \"version\": \"6.1.32\"}, {\"status\": \"affected\", \"version\": \"6.1.36\"}, {\"status\": \"affected\", \"version\": \"6.1.42\"}, {\"status\": \"affected\", \"version\": \"6.2.1\"}, {\"status\": \"affected\", \"version\": \"6.2.2\"}, {\"status\": \"affected\", \"version\": \"6.2.3\"}, {\"status\": \"affected\", \"version\": \"6.2.25\"}, {\"status\": \"affected\", \"version\": \"6.2.11\"}, {\"status\": \"affected\", \"version\": \"6.3.2\"}, {\"status\": \"affected\", \"version\": \"6.3.3\"}, {\"status\": \"affected\", \"version\": \"6.3.15\"}, {\"status\": \"affected\", \"version\": \"6.4.1\"}, {\"status\": \"affected\", \"version\": \"6.4.2\"}, {\"status\": \"affected\", \"version\": \"6.4.3\"}, {\"status\": \"affected\", \"version\": \"6.5.1\"}, {\"status\": \"affected\", \"version\": \"6.5.2\"}, {\"status\": \"affected\", \"version\": \"6.5.3\"}, {\"status\": \"affected\", \"version\": \"6.5.25\"}, {\"status\": \"affected\", \"version\": \"6.5.26\"}, {\"status\": \"affected\", \"version\": \"6.5.28\"}, {\"status\": \"affected\", \"version\": \"6.5.29\"}, {\"status\": \"affected\", \"version\": \"6.5.32\"}, {\"status\": \"affected\", \"version\": \"6.5.33\"}, {\"status\": \"affected\", \"version\": \"6.6.2\"}, {\"status\": \"affected\", \"version\": \"6.6.3\"}, {\"status\": \"affected\", \"version\": \"6.6.25\"}, {\"status\": \"affected\", \"version\": \"6.6.4\"}, {\"status\": \"affected\", \"version\": \"7.0.1\"}, {\"status\": \"affected\", \"version\": \"7.0.2\"}, {\"status\": \"affected\", \"version\": \"7.0.12\"}, {\"status\": \"affected\", \"version\": \"7.0.14\"}, {\"status\": \"affected\", \"version\": \"7.1.1\"}, {\"status\": \"affected\", \"version\": \"7.1.15\"}, {\"status\": \"affected\", \"version\": \"7.1.2\"}, {\"status\": \"affected\", \"version\": \"7.1.3\"}, {\"status\": \"affected\", \"version\": \"6.7.1\"}, {\"status\": \"affected\", \"version\": \"6.7.2\"}, {\"status\": \"affected\", \"version\": \"6.7.3\"}, {\"status\": \"affected\", \"version\": \"6.7.4\"}, {\"status\": \"affected\", \"version\": \"7.2.0\"}, {\"status\": \"affected\", \"version\": \"7.2.1\"}, {\"status\": \"affected\", \"version\": \"7.2.2\"}, {\"status\": \"affected\", \"version\": \"7.3.1\"}, {\"status\": \"affected\", \"version\": \"7.3.15\"}, {\"status\": \"affected\", \"version\": \"7.3.2\"}, {\"status\": \"affected\", \"version\": \"7.3.3\"}, {\"status\": \"affected\", \"version\": \"7.3.5\"}, {\"status\": \"affected\", \"version\": \"7.4.1\"}, {\"status\": \"affected\", \"version\": \"7.4.2\"}, {\"status\": \"affected\", \"version\": \"6.8.1\"}, {\"status\": \"affected\", \"version\": \"6.8.2\"}, {\"status\": \"affected\", \"version\": \"7.5.1\"}, {\"status\": \"affected\", \"version\": \"7.5.3\"}, {\"status\": \"affected\", \"version\": \"7.5.2\"}, {\"status\": \"affected\", \"version\": \"7.5.4\"}, {\"status\": \"affected\", \"version\": \"7.6.1\"}, {\"status\": \"affected\", \"version\": \"7.6.2\"}, {\"status\": \"affected\", \"version\": \"7.7.1\"}, {\"status\": \"affected\", \"version\": \"7.7.2\"}, {\"status\": \"affected\", \"version\": \"7.7.21\"}, {\"status\": \"affected\", \"version\": \"6.9.1\"}, {\"status\": \"affected\", \"version\": \"6.9.2\"}, {\"status\": \"affected\", \"version\": \"7.8.1\"}, {\"status\": \"affected\", \"version\": \"7.8.2\"}, {\"status\": \"affected\", \"version\": \"7.9.1\"}, {\"status\": \"affected\", \"version\": \"7.9.2\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\", \"name\": \"cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\\r\\n\\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-347\", \"description\": \"Improper Verification of Cryptographic Signature\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-08-07T19:50:10.951Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-20236\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-23T19:10:48.388Z\", \"dateReserved\": \"2022-10-27T18:47:50.370Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2023-09-13T16:39:19.418Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…