Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to cisco - cgr1240

CVE-2023-20076 (GCVE-0-2023-20076)

Vulnerability from cvelistv5

Published

2023-02-12 00:00

Modified

2024-10-28 16:34

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-233

Summary

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.

References

►

URL

	Vendor	Product	Version
	Cisco	Cisco IOS	Version: n/a

CVE-2019-12648 (GCVE-0-2019-12648)

Vulnerability from cvelistv5

Published

2019-09-25 20:05

Modified

2024-11-20 17:10

Severity ?

9.9 (Critical) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-284

Summary

A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user.

References

►

URL

Tags

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth

vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco IOS 15.7(3)M	Version: unspecified < n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12648",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:53.595477Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:10:26.912Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS 15.7(3)M",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-25T20:05:22",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190925-ios-gos-auth",
        "defect": [
          [
            "CSCvm86480"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
          "ID": "CVE-2019-12648",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS 15.7(3)M",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "9.9",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOx for IOS Software Guest Operating System Unauthorized Access Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190925-ios-gos-auth",
          "defect": [
            [
              "CSCvm86480"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12648",
    "datePublished": "2019-09-25T20:05:22.034297Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:10:26.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2023-02-12 04:15

Modified

2024-11-21 07:40

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▶	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ic3000_industrial_compute_gateway	*
cisco	iox	-
cisco	ios_xe	*
cisco	ios_xe	*
cisco	ios_xe	17.10.0
cisco	cgr1240_firmware	*
cisco	cgr1240	-
cisco	cgr1000_firmware	*
cisco	cgr1000	-
cisco	ir510_wpan_firmware	*
cisco	ir510_wpan	-
cisco	829_industrial_integrated_services_router_firmware	*
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m1
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m2
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m2a
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m3
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m4
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m4a
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m5
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m6a
cisco	829_industrial_integrated_services_router_firmware	15.9\(3\)m6b
cisco	829_industrial_integrated_services_router	-
cisco	807_industrial_integrated_services_router_firmware	*
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m1
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m2
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m2a
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m3
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m4
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m4a
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m5
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m6a
cisco	807_industrial_integrated_services_router_firmware	15.9\(3\)m6b
cisco	807_industrial_integrated_services_router	-
cisco	809_industrial_integrated_services_router_firmware	*
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m1
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m2
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m2a
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m3
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m4
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m4a
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m5
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m6a
cisco	809_industrial_integrated_services_router_firmware	15.9\(3\)m6b
cisco	809_industrial_integrated_services_router	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0123C40-42E9-4DA1-A333-1249D52FE05F",
              "versionEndExcluding": "1.4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:iox:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E74F18-C63E-4A10-99C2-51907E199BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F708D7F-6673-489E-9B2D-796AF552D7A2",
              "versionEndExcluding": "17.6.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FC38B1-5F12-496F-8843-F119DB2D684C",
              "versionEndExcluding": "17.9.2",
              "versionStartIncluding": "17.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC868609-83CD-4FBA-A842-18CD4F07D8D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1240_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F343CE69-D1C6-4CB3-97CF-AC480FA6802D",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17050EB-5D47-4287-A2E7-518A811157A7",
              "versionEndExcluding": "1.16.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF8D8F3-C04A-4A32-B7DF-7649506B83D1",
              "versionEndExcluding": "1.10.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A8B23B-89DC-4BD2-AC3B-E73169F42F6C",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E5C422-7131-49C5-B05C-11CDC97373BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "313940F2-909D-4BAB-BC1C-CA9419F4E9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "887AA4F7-7A63-4FAF-89E9-B992FF8C0F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1EEADC2-0938-48F8-8ED4-7A2643B6BAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A79FD2A7-F49F-40CA-B721-AD222DD16CA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE95BEF3-E236-4B08-A3C5-210A094AB41E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D097582-7C84-4899-93C4-B16692A41302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "86891B33-4B66-48C1-933B-75187404B129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "372E3DB5-5296-4353-9A2B-0A8040F07BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "20FCE500-AD08-40CE-8956-2997C9200B41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB92E03-2956-4AC1-831F-152FCBA01092",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA00C2A-CFC0-498B-8EA7-989FA2B78A2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "308D1626-255D-4266-B2E1-B6D34D7D8881",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA3B170E-B248-4E9E-968B-A6320AAF3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E20439B8-530E-4C49-AFBE-5AFAC95BA994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDA253BF-10DF-4819-A165-9E9049B14D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FA057DC-F9D9-4A96-9AAF-86303A4D21A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DF79F40-DA37-4A36-95BD-7FDD8D41783F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DB4FDC-3152-4144-A85B-920577D65BC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "564BC14B-465D-4E3D-A37A-15ED0AE65AA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5612E330-FA91-4DA5-9D74-4E262769E388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF306339-36B4-4549-8C8D-C7530C575D9B",
              "versionEndExcluding": "15.9\\(3\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA50E936-DFBC-4B6A-9AE3-763CBD2EA2CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8088D28-AA6B-4CA8-B120-9993D0C8035F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D568BB-6646-4366-8D8F-87B829AC018F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "352566DD-EF2B-49A0-9CFF-3C67152DE403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E645F0-179C-43F4-9B12-2485B3C1924C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C1A3AB-E91B-4A59-8E49-C7E722A97F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D4FD9E-A505-4819-B57D-458A24C7E0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A299F13E-02DD-490E-96F7-02BF7B21A46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACD17542-1D24-4D1B-A123-B773BA66326E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F1604-4189-4585-8E94-0BD1F02A125C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
    }
  ],
  "id": "CVE-2023-20076",
  "lastModified": "2024-11-21T07:40:29.813",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-12T04:15:19.287",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-233"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-09-25 20:15

Modified

2024-11-21 04:23

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

▶	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios	15.7\(3\)m3
cisco	807_industrial_integrated_services_routers	-
cisco	809_industrial_integrated_services_routers	-
cisco	829_industrial_integrated_services_routers	-
cisco	cgr_1120	-
cisco	cgr1240	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*",
              "matchCriteriaId": "64404B00-4956-47B8-ACDB-88E365E97212",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C197660-0D0F-4D80-8EF5-9A60E679BD24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C996F3B-0333-4B9A-B3E7-F50E64B0AAB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_routers:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D05CC9-8D04-4DE0-A854-375192B4D46C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cgr_1120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1119E8B9-53A3-4724-9EEB-F4A35F9F59E1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IOx application environment for Cisco IOS Software could allow an authenticated, remote attacker to gain unauthorized access to the Guest Operating System (Guest OS) running on an affected device. The vulnerability is due to incorrect role-based access control (RBAC) evaluation when a low-privileged user requests access to a Guest OS that should be restricted to administrative accounts. An attacker could exploit this vulnerability by authenticating to the Guest OS by using the low-privileged-user credentials. An exploit could allow the attacker to gain unauthorized access to the Guest OS as a root user."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el entorno de la aplicaci\u00f3n IOx para Software Cisco IOS, podr\u00eda permitir a un atacante remoto autenticado conseguir acceso no autorizado al Sistema Operativo Invitado (SO Invitado) que es ejecutado en un dispositivo afectado. La vulnerabilidad es debido a una evaluaci\u00f3n incorrecta del control de acceso basado en roles (RBAC) cuando un usuario poco privilegiado solicita acceso a un SO Invitado que debe ser restringida a cuentas administrativas. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la autenticaci\u00f3n en el Sistema Operativo Invitado mediante el empleo de las credenciales de un usuario poco privilegiado. Una explotaci\u00f3n podr\u00eda permitir al atacante conseguir acceso no autorizado al sistema operativo invitado como un usuario root."
    }
  ],
  "id": "CVE-2019-12648",
  "lastModified": "2024-11-21T04:23:15.463",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.0,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-25T20:15:10.477",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}