CVE-2023-20122

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*

History

No history.

Information

Published : 2023-04-05 19:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-20122

Mitre link : CVE-2023-20122

CVE.ORG link : CVE-2023-20122


JSON object : View

Products Affected

cisco

  • identity_services_engine
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')