A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
|
History
21 Nov 2024, 07:40
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.6 |
| References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 - Vendor Advisory |
05 Apr 2023, 18:22
| Type | Values Removed | Values Added |
|---|---|---|
| References | (CISCO) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
| First Time |
Cisco aironet Access Point Software
Cisco aironet 1542d Cisco catalyst 9130 Ap Cisco catalyst 9130 Cisco catalyst 9124ax Cisco aironet 3800 Cisco catalyst 9115 Ap Cisco catalyst 9105 Cisco catalyst Iw6300 Ac Cisco catalyst Iw6300 Cisco aironet 1815w Cisco aironet 3800i Cisco catalyst 9105axw Cisco aironet 1562d Cisco aironet 1542i Cisco aironet 2800 Cisco catalyst 9115 Cisco catalyst 9120 Ap Cisco catalyst 9115ax Cisco aironet 1562e Cisco catalyst 9124axi Cisco aironet 1800 Cisco aironet 3800p Cisco catalyst 9117 Cisco aironet 2800i Cisco aironet 1815t Cisco aironet 2800e Cisco aironet 1562i Cisco wireless Lan Controller Software Cisco Cisco catalyst Iw6300 Dcw Cisco catalyst 9130ax Cisco aironet 1560 Cisco esw6300 Cisco catalyst 9124axd Cisco catalyst 9117 Ap Cisco catalyst 9115axe Cisco catalyst 9130axi Cisco catalyst 9120axp Cisco catalyst 9117axi Cisco catalyst 9120 Cisco aironet 1815i Cisco aironet 1810w Cisco aironet 1540 Cisco catalyst 9105axi Cisco catalyst 9115axi Cisco catalyst 9100 Cisco aironet 1800i Cisco aironet 3800e Cisco catalyst 9105ax Cisco catalyst Iw6300 Dc Cisco aironet 1815m Cisco catalyst 9124 Cisco catalyst 9130axe Cisco catalyst 9120axe Cisco aironet 1815 Cisco aironet 4800 Cisco aironet 1810 Cisco catalyst 9120ax Cisco catalyst 9120axi Cisco catalyst 9117ax Cisco ios Xe |
|
| CPE | cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1542i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1560:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_3800e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1815t:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1810w:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_3800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1815i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1815:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_2800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1815w:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_3800p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_iw6300_ac:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_4800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_3800i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1562e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1800i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_2800i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1540:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_iw6300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1810:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_2800e:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1800:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_iw6300_dc:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:aironet_1562i:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:* |
|
| CWE | CWE-77 |
23 Mar 2023, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-03-23 17:15
Updated : 2024-11-21 07:40
NVD link : CVE-2023-20097
Mitre link : CVE-2023-20097
CVE.ORG link : CVE-2023-20097
JSON object : View
Products Affected
cisco
- catalyst_9105axw
- aironet_1542d
- catalyst_9115
- catalyst_9100
- aironet_2800i
- aironet_1562e
- catalyst_9117
- aironet_2800
- aironet_1542i
- aironet_1815i
- catalyst_9115ax
- catalyst_9124axd
- catalyst_9120ax
- catalyst_9117_ap
- aironet_1815t
- aironet_1815w
- catalyst_9124axi
- esw6300
- aironet_1562d
- wireless_lan_controller_software
- aironet_3800e
- catalyst_9120
- aironet_1800
- catalyst_9130
- catalyst_9130axe
- aironet_access_point_software
- catalyst_9117axi
- aironet_2800e
- catalyst_9120_ap
- catalyst_9115axe
- catalyst_9115axi
- catalyst_9105
- aironet_1562i
- catalyst_9105ax
- catalyst_9105axi
- aironet_1800i
- catalyst_9115_ap
- catalyst_9117ax
- catalyst_9120axe
- catalyst_9120axi
- catalyst_9120axp
- catalyst_iw6300
- aironet_1815
- catalyst_iw6300_ac
- catalyst_9130axi
- aironet_3800p
- aironet_1540
- catalyst_iw6300_dcw
- aironet_1815m
- ios_xe
- catalyst_9124ax
- aironet_4800
- catalyst_9130_ap
- catalyst_iw6300_dc
- catalyst_9124
- aironet_3800i
- catalyst_9130ax
- aironet_1560
- aironet_1810w
- aironet_1810
- aironet_3800
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')