CVE-2023-20035

{"id": "CVE-2023-20035", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-03-23T17:15:14.030", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-146"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."}], "lastModified": "2023-11-07T04:05:49.507", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16266B9E-E613-45FA-A02B-51EED8BEFCC9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF365FC4-46E3-4564-9F25-1C2FBE70057B"}, {"criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7"}, {"criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7"}, {"criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6"}, {"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"}, {"criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2"}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77"}, {"criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B"}, {"criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E"}, {"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02"}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"}, {"criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984"}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350"}, {"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"}, {"criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F"}, {"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5"}, {"criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2"}, {"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD"}, {"criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21"}, {"criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06"}, {"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D"}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A"}, {"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46"}, {"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B"}, {"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B"}, {"criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380"}, {"criteria": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF8B0B49-2C99-410B-B011-5B821C5992FB"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}