Vulnerabilites related to cisco - intersight_private_virtual_appliance
Vulnerability from fkie_nvd
Published
2023-08-16 22:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | intersight_private_virtual_appliance | 1.0.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intersight_private_virtual_appliance:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "031AB726-6056-4B54-8F11-8C1567AFC3A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.\r\n\r These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."
}
],
"id": "CVE-2023-20017",
"lastModified": "2024-11-21T07:40:21.120",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-16T22:15:10.353",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-16 22:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | intersight_private_virtual_appliance | 1.0.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intersight_private_virtual_appliance:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "031AB726-6056-4B54-8F11-8C1567AFC3A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.\r\n\r These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."
}
],
"id": "CVE-2023-20013",
"lastModified": "2024-11-21T07:40:20.583",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-16T22:15:09.750",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-16 22:15
Modified
2024-11-21 07:40
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible.
This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | intersight_virtual_appliance | * | |
| cisco | intersight_assist | - | |
| cisco | intersight_connected_virtual_appliance | - | |
| cisco | intersight_private_virtual_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F939C0F-2514-44C9-ADF6-4DCB344529EB",
"versionEndExcluding": "1.0.9-589",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:intersight_assist:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D811AADF-88B4-452D-BCE8-8F288E6F3AEC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:intersight_connected_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C846A1B-7BAF-4352-8ED0-A175478E6222",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:cisco:intersight_private_virtual_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB33AF02-AB30-4C29-BDD5-8BE8621DDCAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible.\r\n\r This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level."
}
],
"id": "CVE-2023-20237",
"lastModified": "2024-11-21T07:40:57.847",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-16T22:15:12.777",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-intersight-forward-C45ncgqb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-intersight-forward-C45ncgqb"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-20017 (GCVE-0-2023-20017)
Vulnerability from cvelistv5
Published
2023-08-16 21:01
Modified
2024-08-02 08:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Intersight Virtual Appliance |
Version: 1.0.9-113 Version: 1.0.9-148 Version: 1.0.9-230 Version: 1.0.9-53 Version: 1.0.9-7 Version: 1.0.9-197 Version: 1.0.9-170 Version: 1.0.9-149 Version: 1.0.9-278 Version: 1.0.9-184 Version: 1.0.9-232 Version: 1.0.9-83 Version: 1.0.9-90 Version: 1.0.9-97 Version: 1.0.9-125 Version: 1.0.9-250 Version: 1.0.9-77 Version: 1.0.9-133 Version: 1.0.9-67 Version: 1.0.9-214 Version: 1.0.9-103 Version: 1.0.9-266 Version: 1.0.9-13 Version: 1.0.9-164 Version: 1.0.9-292 Version: 1.0.9-302 Version: 1.0.9-319 Version: 1.0.9-343 Version: 1.0.9-360 Version: 1.0.9-361 Version: 1.0.9-378 Version: 1.0.9-389 Version: 1.0.9-402 Version: 1.0.9-428 Version: 1.0.9-442 Version: 1.0.9-456 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Intersight Virtual Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.9-113"
},
{
"status": "affected",
"version": "1.0.9-148"
},
{
"status": "affected",
"version": "1.0.9-230"
},
{
"status": "affected",
"version": "1.0.9-53"
},
{
"status": "affected",
"version": "1.0.9-7"
},
{
"status": "affected",
"version": "1.0.9-197"
},
{
"status": "affected",
"version": "1.0.9-170"
},
{
"status": "affected",
"version": "1.0.9-149"
},
{
"status": "affected",
"version": "1.0.9-278"
},
{
"status": "affected",
"version": "1.0.9-184"
},
{
"status": "affected",
"version": "1.0.9-232"
},
{
"status": "affected",
"version": "1.0.9-83"
},
{
"status": "affected",
"version": "1.0.9-90"
},
{
"status": "affected",
"version": "1.0.9-97"
},
{
"status": "affected",
"version": "1.0.9-125"
},
{
"status": "affected",
"version": "1.0.9-250"
},
{
"status": "affected",
"version": "1.0.9-77"
},
{
"status": "affected",
"version": "1.0.9-133"
},
{
"status": "affected",
"version": "1.0.9-67"
},
{
"status": "affected",
"version": "1.0.9-214"
},
{
"status": "affected",
"version": "1.0.9-103"
},
{
"status": "affected",
"version": "1.0.9-266"
},
{
"status": "affected",
"version": "1.0.9-13"
},
{
"status": "affected",
"version": "1.0.9-164"
},
{
"status": "affected",
"version": "1.0.9-292"
},
{
"status": "affected",
"version": "1.0.9-302"
},
{
"status": "affected",
"version": "1.0.9-319"
},
{
"status": "affected",
"version": "1.0.9-343"
},
{
"status": "affected",
"version": "1.0.9-360"
},
{
"status": "affected",
"version": "1.0.9-361"
},
{
"status": "affected",
"version": "1.0.9-378"
},
{
"status": "affected",
"version": "1.0.9-389"
},
{
"status": "affected",
"version": "1.0.9-402"
},
{
"status": "affected",
"version": "1.0.9-428"
},
{
"status": "affected",
"version": "1.0.9-442"
},
{
"status": "affected",
"version": "1.0.9-456"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.\r\n\r These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of these vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:31.634Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"source": {
"advisory": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"defects": [
"CSCwc35166"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20017",
"datePublished": "2023-08-16T21:01:28.215Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-08-02T08:57:35.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20237 (GCVE-0-2023-20237)
Vulnerability from cvelistv5
Published
2023-08-16 21:00
Modified
2024-08-02 09:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible.
This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Intersight Virtual Appliance |
Version: 1.0.9-503 Version: 1.0.9-536 Version: 1.0.9-538 Version: 1.0.9-558 Version: 1.0.9-561 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-intersight-forward-C45ncgqb",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-intersight-forward-C45ncgqb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Intersight Virtual Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.9-503"
},
{
"status": "affected",
"version": "1.0.9-536"
},
{
"status": "affected",
"version": "1.0.9-538"
},
{
"status": "affected",
"version": "1.0.9-558"
},
{
"status": "affected",
"version": "1.0.9-561"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible.\r\n\r This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker access to internal subnets beyond the sphere of their intended access level."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:58:28.408Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-intersight-forward-C45ncgqb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-intersight-forward-C45ncgqb"
}
],
"source": {
"advisory": "cisco-sa-intersight-forward-C45ncgqb",
"defects": [
"CSCwf38029"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20237",
"datePublished": "2023-08-16T21:00:25.948Z",
"dateReserved": "2022-10-27T18:47:50.370Z",
"dateUpdated": "2024-08-02T09:05:35.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20013 (GCVE-0-2023-20013)
Vulnerability from cvelistv5
Published
2023-08-16 21:01
Modified
2024-11-21 21:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.
These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Intersight Virtual Appliance |
Version: 1.0.9-113 Version: 1.0.9-148 Version: 1.0.9-230 Version: 1.0.9-53 Version: 1.0.9-7 Version: 1.0.9-197 Version: 1.0.9-170 Version: 1.0.9-149 Version: 1.0.9-278 Version: 1.0.9-184 Version: 1.0.9-232 Version: 1.0.9-83 Version: 1.0.9-90 Version: 1.0.9-97 Version: 1.0.9-125 Version: 1.0.9-250 Version: 1.0.9-77 Version: 1.0.9-133 Version: 1.0.9-67 Version: 1.0.9-214 Version: 1.0.9-103 Version: 1.0.9-266 Version: 1.0.9-13 Version: 1.0.9-164 Version: 1.0.9-292 Version: 1.0.9-302 Version: 1.0.9-319 Version: 1.0.9-343 Version: 1.0.9-360 Version: 1.0.9-361 Version: 1.0.9-378 Version: 1.0.9-389 Version: 1.0.9-402 Version: 1.0.9-428 Version: 1.0.9-442 Version: 1.0.9-456 Version: 1.0.9-503 Version: 1.0.9-536 Version: 1.0.9-538 Version: 1.0.9-558 Version: 1.0.9-561 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-30T15:25:03.100326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T21:41:55.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Intersight Virtual Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.9-113"
},
{
"status": "affected",
"version": "1.0.9-148"
},
{
"status": "affected",
"version": "1.0.9-230"
},
{
"status": "affected",
"version": "1.0.9-53"
},
{
"status": "affected",
"version": "1.0.9-7"
},
{
"status": "affected",
"version": "1.0.9-197"
},
{
"status": "affected",
"version": "1.0.9-170"
},
{
"status": "affected",
"version": "1.0.9-149"
},
{
"status": "affected",
"version": "1.0.9-278"
},
{
"status": "affected",
"version": "1.0.9-184"
},
{
"status": "affected",
"version": "1.0.9-232"
},
{
"status": "affected",
"version": "1.0.9-83"
},
{
"status": "affected",
"version": "1.0.9-90"
},
{
"status": "affected",
"version": "1.0.9-97"
},
{
"status": "affected",
"version": "1.0.9-125"
},
{
"status": "affected",
"version": "1.0.9-250"
},
{
"status": "affected",
"version": "1.0.9-77"
},
{
"status": "affected",
"version": "1.0.9-133"
},
{
"status": "affected",
"version": "1.0.9-67"
},
{
"status": "affected",
"version": "1.0.9-214"
},
{
"status": "affected",
"version": "1.0.9-103"
},
{
"status": "affected",
"version": "1.0.9-266"
},
{
"status": "affected",
"version": "1.0.9-13"
},
{
"status": "affected",
"version": "1.0.9-164"
},
{
"status": "affected",
"version": "1.0.9-292"
},
{
"status": "affected",
"version": "1.0.9-302"
},
{
"status": "affected",
"version": "1.0.9-319"
},
{
"status": "affected",
"version": "1.0.9-343"
},
{
"status": "affected",
"version": "1.0.9-360"
},
{
"status": "affected",
"version": "1.0.9-361"
},
{
"status": "affected",
"version": "1.0.9-378"
},
{
"status": "affected",
"version": "1.0.9-389"
},
{
"status": "affected",
"version": "1.0.9-402"
},
{
"status": "affected",
"version": "1.0.9-428"
},
{
"status": "affected",
"version": "1.0.9-442"
},
{
"status": "affected",
"version": "1.0.9-456"
},
{
"status": "affected",
"version": "1.0.9-503"
},
{
"status": "affected",
"version": "1.0.9-536"
},
{
"status": "affected",
"version": "1.0.9-538"
},
{
"status": "affected",
"version": "1.0.9-558"
},
{
"status": "affected",
"version": "1.0.9-561"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Intersight Private Virtual Appliance could allow an authenticated, remote attacker to execute arbitrary commands using root-level privileges. The attacker would need to have Administrator privileges on the affected device to exploit these vulnerabilities.\r\n\r These vulnerabilities are due to insufficient input validation when extracting uploaded software packages. An attacker could exploit these vulnerabilities by authenticating to an affected device and uploading a crafted software package. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of these vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-25T16:57:30.936Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ivpa-cmdinj-C5XRbbOy"
}
],
"source": {
"advisory": "cisco-sa-ivpa-cmdinj-C5XRbbOy",
"defects": [
"CSCwc35159"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20013",
"datePublished": "2023-08-16T21:01:43.295Z",
"dateReserved": "2022-10-27T18:47:50.308Z",
"dateUpdated": "2024-11-21T21:41:55.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}