Action not permitted
Modal body text goes here.
wid-sec-w-2024-0066
Vulnerability from csaf_certbund
Published
2024-01-10 23:00
Modified
2024-01-10 23:00
Summary
Cisco Evolved Programmable Network Manager & Prime Infrastructure: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Cisco Evolved Programmable Network (EPN) Manager ist eine All-in-One-Managementlösung für die Konvergenz von paketorientierten und optischen Netzwerken.
Cisco Prime Infrastructure kombiniert die Wireless-Fähigkeiten von Cisco Prime Network Control System (NCS) und die drahtgebundenen Fähigkeiten von Cisco Prime LAN Management Solution (LMS) mit den Applikations- Performance-Monitoring- und Troubleshooting-Fähigkeiten von Cisco Prime Assurance Manager.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- CISCO Appliance
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Cisco Evolved Programmable Network (EPN) Manager ist eine All-in-One-Managementl\u00f6sung f\u00fcr die Konvergenz von paketorientierten und optischen Netzwerken.\r\nCisco Prime Infrastructure kombiniert die Wireless-F\u00e4higkeiten von Cisco Prime Network Control System (NCS) und die drahtgebundenen F\u00e4higkeiten von Cisco Prime LAN Management Solution (LMS) mit den Applikations- Performance-Monitoring- und Troubleshooting-F\u00e4higkeiten von Cisco Prime Assurance Manager.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- CISCO Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0066 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0066.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0066 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0066"
},
{
"category": "external",
"summary": "Cisco Security Advisory vom 2024-01-10",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"source_lang": "en-US",
"title": "Cisco Evolved Programmable Network Manager \u0026 Prime Infrastructure: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-01-10T23:00:00.000+00:00",
"generator": {
"date": "2024-02-15T17:56:11.609+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-0066",
"initial_release_date": "2024-01-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cisco Evolved Programmable Network Manager \u003c 7.1.1",
"product": {
"name": "Cisco Evolved Programmable Network Manager \u003c 7.1.1",
"product_id": "T031990",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:evolved_programmable_network_manager:7.1.1"
}
}
},
{
"category": "product_name",
"name": "Cisco Prime Infrastructure \u003c 3.10.4 Update 2",
"product": {
"name": "Cisco Prime Infrastructure \u003c 3.10.4 Update 2",
"product_id": "T031991",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:prime_infrastructure:3.10.4_update_2"
}
}
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-20271",
"notes": [
{
"category": "description",
"text": "In Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure existieren mehrere Schwachstellen. Diese bestehen in dem Management-Interface und dem Kommandozeilen Tool und sind untereinander abh\u00e4ngig voneinander. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-01-10T23:00:00Z",
"title": "CVE-2023-20271"
},
{
"cve": "CVE-2023-20260",
"notes": [
{
"category": "description",
"text": "In Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure existieren mehrere Schwachstellen. Diese bestehen in dem Management-Interface und dem Kommandozeilen Tool und sind untereinander abh\u00e4ngig voneinander. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-01-10T23:00:00Z",
"title": "CVE-2023-20260"
},
{
"cve": "CVE-2023-20258",
"notes": [
{
"category": "description",
"text": "In Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure existieren mehrere Schwachstellen. Diese bestehen in dem Management-Interface und dem Kommandozeilen Tool und sind untereinander abh\u00e4ngig voneinander. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-01-10T23:00:00Z",
"title": "CVE-2023-20258"
},
{
"cve": "CVE-2023-20257",
"notes": [
{
"category": "description",
"text": "In Cisco Evolved Programmable Network Manager und Cisco Prime Infrastructure existieren mehrere Schwachstellen. Diese bestehen in dem Management-Interface und dem Kommandozeilen Tool und sind untereinander abh\u00e4ngig voneinander. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuf\u00fchren, Dateien zu manipulieren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren."
}
],
"release_date": "2024-01-10T23:00:00Z",
"title": "CVE-2023-20257"
}
]
}
cve-2023-20271
Vulnerability from cvelistv5
Published
2024-01-17 16:56
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:33.023Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-wkZJeyeq",
"defects": [
"CSCwf81862",
"CSCwf83557"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20271",
"datePublished": "2024-01-17T16:56:25.553Z",
"dateReserved": "2022-10-27T18:47:50.373Z",
"dateUpdated": "2024-08-02T09:05:36.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20258
Vulnerability from cvelistv5
Published
2024-01-17 16:56
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to improper processing of serialized Java objects by the affected application. An attacker could exploit this vulnerability by uploading a document containing malicious serialized Java objects to be processed by the affected application. A successful exploit could allow the attacker to cause the application to execute arbitrary commands.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Cisco | Cisco Prime Infrastructure |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to improper processing of serialized Java objects by the affected application. An attacker could exploit this vulnerability by uploading a document containing malicious serialized Java objects to be processed by the affected application. A successful exploit could allow the attacker to cause the application to execute arbitrary commands."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:32.072Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-wkZJeyeq",
"defects": [
"CSCwf81859"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20258",
"datePublished": "2024-01-17T16:56:57.318Z",
"dateReserved": "2022-10-27T18:47:50.372Z",
"dateUpdated": "2024-08-02T09:05:36.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20260
Vulnerability from cvelistv5
Published
2024-01-17 16:57
Modified
2024-11-13 19:51
Severity ?
EPSS score ?
Summary
A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-23T20:54:32.408511Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T19:51:35.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:32.625Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-wkZJeyeq",
"defects": [
"CSCwf81865",
"CSCwf83560"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20260",
"datePublished": "2024-01-17T16:57:33.285Z",
"dateReserved": "2022-10-27T18:47:50.373Z",
"dateUpdated": "2024-11-13T19:51:35.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20257
Vulnerability from cvelistv5
Published
2024-01-17 16:55
Modified
2024-08-02 09:05
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by submitting malicious input containing script or HTML content within requests that would stored within the application interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks against other users of the affected application.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by submitting malicious input containing script or HTML content within requests that would stored within the application interface. A successful exploit could allow the attacker to conduct cross-site scripting attacks against other users of the affected application."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:31.456Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-wkZJeyeq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-wkZJeyeq",
"defects": [
"CSCwf81870",
"CSCwf83565"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20257",
"datePublished": "2024-01-17T16:55:42.034Z",
"dateReserved": "2022-10-27T18:47:50.372Z",
"dateUpdated": "2024-08-02T09:05:36.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.