cve-2023-20254
Vulnerability from cvelistv5
Published
2023-09-27 17:11
Modified
2024-10-23 19:39
Severity ?
EPSS score ?
Summary
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.
This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Cisco | Cisco SD-WAN vManage |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:05:36.889Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-sdwan-vman-sc-LRLfu2z", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "catalyst_sd-wan_manager", "vendor": "cisco", "versions": [ { "lessThanOrEqual": "20.9.3.1", "status": "affected", "version": "17.2.10", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-20254", "options": [ { "Exploitation": "None" }, { "Automatable": "No" }, { "Technical Impact": "Total" } ], "role": "CISA Coordinator", "timestamp": "2023-11-15T16:37:43.965360Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-23T19:39:16.225Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco SD-WAN vManage", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "17.2.6" }, { "status": "affected", "version": "17.2.7" }, { "status": "affected", "version": "17.2.8" }, { "status": "affected", "version": "17.2.9" }, { "status": "affected", "version": "17.2.10" }, { "status": "affected", "version": "17.2.4" }, { "status": "affected", "version": "17.2.5" }, { "status": "affected", "version": "18.3.1.1" }, { "status": "affected", "version": "18.3.3.1" }, { "status": "affected", "version": "18.3.3" }, { "status": "affected", "version": "18.3.4" }, { "status": "affected", "version": "18.3.5" }, { "status": "affected", "version": "18.3.7" }, { "status": "affected", "version": "18.3.8" }, { "status": "affected", "version": "18.3.6.1" }, { "status": "affected", "version": "18.3.1" }, { "status": "affected", "version": "18.3.0" }, { "status": "affected", "version": "18.4.0.1" }, { "status": "affected", "version": "18.4.3" }, { "status": "affected", "version": "18.4.302" }, { "status": "affected", "version": "18.4.303" }, { "status": "affected", "version": "18.4.4" }, { "status": "affected", "version": "18.4.5" }, { "status": "affected", "version": "18.4.0" }, { "status": "affected", "version": "18.4.1" }, { "status": "affected", "version": "18.4.6" }, { "status": "affected", "version": "19.2.0" }, { "status": "affected", "version": "19.2.097" }, { "status": "affected", "version": "19.2.099" }, { "status": "affected", "version": "19.2.1" }, { "status": "affected", "version": "19.2.2" }, { "status": "affected", "version": "19.2.3" }, { "status": "affected", "version": "19.2.31" }, { "status": "affected", "version": "19.2.929" }, { "status": "affected", "version": "19.2.4" }, { "status": "affected", "version": "20.1.1.1" }, { "status": "affected", "version": "20.1.12" }, { "status": "affected", "version": "20.1.1" }, { "status": "affected", "version": "20.1.2" }, { "status": "affected", "version": "20.1.3" }, { "status": "affected", "version": "19.3.0" }, { "status": "affected", "version": "19.1.0" }, { "status": "affected", "version": "18.2.0" }, { "status": "affected", "version": "20.3.1" }, { "status": "affected", "version": "20.3.2" }, { "status": "affected", "version": "20.3.2.1" }, { "status": "affected", "version": "20.3.3" }, { "status": "affected", "version": "20.3.3.1" }, { "status": "affected", "version": "20.3.4" }, { "status": "affected", "version": "20.3.4.1" }, { "status": "affected", "version": "20.3.4.2" }, { "status": "affected", "version": "20.3.5" }, { "status": "affected", "version": "20.3.6" }, { "status": "affected", "version": "20.3.7" }, { "status": "affected", "version": "20.3.7.1" }, { "status": "affected", "version": "20.3.4.3" }, { "status": "affected", "version": "20.3.5.1" }, { "status": "affected", "version": "20.3.7.2" }, { "status": "affected", "version": "20.4.1" }, { "status": "affected", "version": "20.4.1.1" }, { "status": "affected", "version": "20.4.1.2" }, { "status": "affected", "version": "20.4.2" }, { "status": "affected", "version": "20.4.2.2" }, { "status": "affected", "version": "20.4.2.1" }, { "status": "affected", "version": "20.4.2.3" }, { "status": "affected", "version": "20.5.1" }, { "status": "affected", "version": "20.5.1.2" }, { "status": "affected", "version": "20.5.1.1" }, { "status": "affected", "version": "20.6.1" }, { "status": "affected", "version": "20.6.1.1" }, { "status": "affected", "version": "20.6.2.1" }, { "status": "affected", "version": "20.6.2.2" }, { "status": "affected", "version": "20.6.2" }, { "status": "affected", "version": "20.6.3" }, { "status": "affected", "version": "20.6.3.1" }, { "status": "affected", "version": "20.6.1.2" }, { "status": "affected", "version": "20.6.3.2" }, { "status": "affected", "version": "20.6.3.3" }, { "status": "affected", "version": "20.6.3.0.45" }, { "status": "affected", "version": "20.6.3.0.46" }, { "status": "affected", "version": "20.6.3.0.47" }, { "status": "affected", "version": "20.7.1" }, { "status": "affected", "version": "20.7.1.1" }, { "status": "affected", "version": "20.7.2" }, { "status": "affected", "version": "20.8.1" }, { "status": "affected", "version": "20.9.1" }, { "status": "affected", "version": "20.9.2" }, { "status": "affected", "version": "20.9.2.1" }, { "status": "affected", "version": "20.9.3" }, { "status": "affected", "version": "20.9.3.1" }, { "status": "affected", "version": "20.9.2.3" }, { "status": "affected", "version": "20.9.3.0.12" }, { "status": "affected", "version": "20.9.3.0.16" }, { "status": "affected", "version": "20.9.3.0.17" }, { "status": "affected", "version": "20.9.3.0.18" }, { "status": "affected", "version": "20.9.3.0.20" }, { "status": "affected", "version": "20.9.3.0.21" }, { "status": "affected", "version": "20.9.3.0.23" }, { "status": "affected", "version": "20.10.1" }, { "status": "affected", "version": "20.10.1.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.\r\n\r This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:58:33.089Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-sdwan-vman-sc-LRLfu2z", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z" } ], "source": { "advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z", "defects": [ "CSCwf68936", "CSCwf55823" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20254", "datePublished": "2023-09-27T17:11:23.280Z", "dateReserved": "2022-10-27T18:47:50.372Z", "dateUpdated": "2024-10-23T19:39:16.225Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-20254\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2023-09-27T18:15:11.690\",\"lastModified\":\"2023-09-29T17:49:36.903\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi-tenant feature could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance. This vulnerability requires the multi-tenant feature to be enabled.\\r\\n\\r This vulnerability is due to insufficient user session management within the Cisco Catalyst SD-WAN Manager system. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain unauthorized access to information about another tenant, make configuration changes, or possibly take a tenant offline causing a denial of service condition.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el sistema de gesti\u00f3n de sesiones de la funci\u00f3n multiinquilino de Cisco Catalyst SD-WAN Manager podr\u00eda permitir que un atacante remoto autenticado acceda a otro tenant que est\u00e1 siendo administrado por la misma instancia de Cisco Catalyst SD-WAN Manager. Esta vulnerabilidad requiere que est\u00e9 habilitada la funci\u00f3n multi-tenant. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de la sesi\u00f3n de usuario dentro del sistema Cisco Catalyst SD-WAN Manager. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada a un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante obtener acceso no autorizado a informaci\u00f3n sobre otro tenant, realizar cambios en la configuraci\u00f3n o posiblemente desconectar a un tenant, provocando una condici\u00f3n de denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.6.3.4\",\"matchCriteriaId\":\"E6BF7AEE-61BF-488D-8439-35B85529DD45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.7\",\"versionEndExcluding\":\"20.9.3.2\",\"matchCriteriaId\":\"DFA494E8-5817-49FF-AF87-C1E5CC6A366B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.10\",\"versionEndExcluding\":\"20.10.1.2\",\"matchCriteriaId\":\"DB339115-6B31-4A04-89BC-A053C964CDD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.11\",\"versionEndExcluding\":\"20.11.1.2\",\"matchCriteriaId\":\"FD884D68-559B-4169-9790-D8C6F694593E\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.