A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 07:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw - Vendor Advisory |
22 May 2023, 18:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco 1100-4p Integrated Services Router
Cisco 4351 Integrated Services Router Cisco 1109 Integrated Services Router Cisco 1160 Integrated Services Router Cisco 1101 Integrated Services Router Cisco 4221 Integrated Services Router Cisco 4431 Integrated Services Router Cisco 1100-4g\/6g Integrated Services Router Cisco 1120 Integrated Services Router Cisco 4451 Integrated Services Router Cisco 4331 Integrated Services Router Cisco 1101-4p Integrated Services Router Cisco 4461 Integrated Services Router Cisco 4321 Integrated Services Router Cisco 1100-8p Integrated Services Router Cisco 4451-x Integrated Services Router Cisco 1100 Integrated Services Router Cisco 1109-4p Integrated Services Router Cisco 1109-2p Integrated Services Router Cisco 1131 Integrated Services Router |
|
CPE | cpe:2.3:h:cisco:isr_1109-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4431:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109-2p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4461:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4351:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4331:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4451:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4451-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1131:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4g\/6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4321:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4g\/6g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:* |
30 Mar 2023, 19:32
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (CISCO) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw - Vendor Advisory | |
CPE | cpe:2.3:h:cisco:isr_1100-8p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4431:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109-2p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4461:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4351:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4331:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4451:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4451-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1131:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4g\/6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_4321:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* |
|
First Time |
Cisco isr 4431
Cisco isr 1100-4p Cisco catalyst 8200 Cisco isr 1100 Cisco isr 4351 Cisco catalyst 8500l Cisco catalyst 8300-2n2s-6t Cisco isr 1109-2p Cisco asr 1002-hx Cisco isr 1101-4p Cisco asr 1009-x Cisco isr 1101 Cisco asr 1006-x Cisco isr 1120 Cisco catalyst 8300-1n1s-6t Cisco isr 1131 Cisco isr 1109-4p Cisco Cisco catalyst 8000v Edge Cisco isr 4461 Cisco catalyst 8300-2n2s-4t2x Cisco isr 1100-8p Cisco isr 4331 Cisco isr 1160 Cisco isr 4321 Cisco catalyst 8500 Cisco isr 4451 Cisco catalyst 8510csr Cisco isr 1109 Cisco isr 4451-x Cisco catalyst 8300 Cisco isr 1100-4g\/6g Cisco isr 4221 Cisco catalyst 8500-4qc Cisco catalyst 8510msr Cisco asr 1001-x Cisco csr 1000v Cisco ios Xe Sd-wan Cisco catalyst 8300-1n1s-4t2x Cisco catalyst 8540msr Cisco catalyst 8540csr |
23 Mar 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-23 17:15
Updated : 2024-11-21 07:40
NVD link : CVE-2023-20035
Mitre link : CVE-2023-20035
CVE.ORG link : CVE-2023-20035
JSON object : View
Products Affected
cisco
- 1160_integrated_services_router
- catalyst_8540msr
- asr_1001-x
- catalyst_8300-1n1s-4t2x
- catalyst_8510msr
- 1100-4p_integrated_services_router
- 4331_integrated_services_router
- 1109-4p_integrated_services_router
- 4451_integrated_services_router
- asr_1009-x
- catalyst_8510csr
- catalyst_8500-4qc
- 1109_integrated_services_router
- 1120_integrated_services_router
- catalyst_8300-2n2s-6t
- catalyst_8300-1n1s-6t
- catalyst_8300
- csr_1000v
- asr_1006-x
- catalyst_8500l
- 1101-4p_integrated_services_router
- ios_xe_sd-wan
- 4221_integrated_services_router
- catalyst_8540csr
- 1131_integrated_services_router
- 4351_integrated_services_router
- 1100-8p_integrated_services_router
- catalyst_8500
- 4431_integrated_services_router
- catalyst_8200
- catalyst_8300-2n2s-4t2x
- 4451-x_integrated_services_router
- 4461_integrated_services_router
- catalyst_8000v_edge
- 4321_integrated_services_router
- 1100_integrated_services_router
- 1109-2p_integrated_services_router
- asr_1002-hx
- 1100-4g\/6g_integrated_services_router
- 1101_integrated_services_router
CWE