Lucene search

CiscoCVE-2023-20029

HistoryMar 23, 2023 - 5:15 p.m.

CVE-2023-20029

2023-03-2317:15:13

CWE-122

cisco

web.nvd.nist.gov

cisco

ios xe

software

vulnerability

meraki

onboarding

authenticated

local attacker

root privileges

nvd

cve-2023-20029

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root.

Affected configurations

Nvd

Node

ciscoios_xeMatch17.7.1

ciscoios_xeMatch17.8.1

AND

ciscocatalyst_9200Match-

ciscocatalyst_9200cxMatch-

ciscocatalyst_9200lMatch-

ciscocatalyst_9300Match-

ciscocatalyst_9300-24p-aMatch-

ciscocatalyst_9300-24p-eMatch-

ciscocatalyst_9300-24s-aMatch-

ciscocatalyst_9300-24s-eMatch-

ciscocatalyst_9300-24t-aMatch-

ciscocatalyst_9300-24t-eMatch-

ciscocatalyst_9300-24u-aMatch-

ciscocatalyst_9300-24u-eMatch-

ciscocatalyst_9300-24ux-aMatch-

ciscocatalyst_9300-24ux-eMatch-

ciscocatalyst_9300-48p-aMatch-

ciscocatalyst_9300-48p-eMatch-

ciscocatalyst_9300-48s-aMatch-

ciscocatalyst_9300-48s-eMatch-

ciscocatalyst_9300-48t-aMatch-

ciscocatalyst_9300-48t-eMatch-

ciscocatalyst_9300-48u-aMatch-

ciscocatalyst_9300-48u-eMatch-

ciscocatalyst_9300-48un-aMatch-

ciscocatalyst_9300-48un-eMatch-

ciscocatalyst_9300-48uxm-aMatch-

ciscocatalyst_9300-48uxm-eMatch-

ciscocatalyst_9300lMatch-

ciscocatalyst_9300l-24p-4g-aMatch-

ciscocatalyst_9300l-24p-4g-eMatch-

ciscocatalyst_9300l-24p-4x-aMatch-

ciscocatalyst_9300l-24p-4x-eMatch-

ciscocatalyst_9300l-24t-4g-aMatch-

ciscocatalyst_9300l-24t-4g-eMatch-

ciscocatalyst_9300l-24t-4x-aMatch-

ciscocatalyst_9300l-24t-4x-eMatch-

ciscocatalyst_9300l-48p-4g-aMatch-

ciscocatalyst_9300l-48p-4g-eMatch-

ciscocatalyst_9300l-48p-4x-aMatch-

ciscocatalyst_9300l-48p-4x-eMatch-

ciscocatalyst_9300l-48t-4g-aMatch-

ciscocatalyst_9300l-48t-4g-eMatch-

ciscocatalyst_9300l-48t-4x-aMatch-

ciscocatalyst_9300l-48t-4x-eMatch-

ciscocatalyst_9300l_stackMatch-

ciscocatalyst_9300lmMatch-

ciscocatalyst_9300xMatch-

VendorProductVersionCPE
ciscoios_xe17.7.1cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*
ciscoios_xe17.8.1cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*
ciscocatalyst_9200-cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*
ciscocatalyst_9200cx-cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*
ciscocatalyst_9200l-cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*
ciscocatalyst_9300-cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*
ciscocatalyst_9300-24p-a-cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*
ciscocatalyst_9300-24p-e-cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*
ciscocatalyst_9300-24s-a-cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*
ciscocatalyst_9300-24s-e-cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xe	17.7.1	cpe:2.3:o:cisco:ios_xe:17.7.1:::::::*
cisco	ios_xe	17.8.1	cpe:2.3:o:cisco:ios_xe:17.8.1:::::::*
cisco	catalyst_9200	-	cpe:2.3:h:cisco:catalyst_9200:-:::::::*
cisco	catalyst_9200cx	-	cpe:2.3:h:cisco:catalyst_9200cx:-:::::::*
cisco	catalyst_9200l	-	cpe:2.3:h:cisco:catalyst_9200l:-:::::::*
cisco	catalyst_9300	-	cpe:2.3:h:cisco:catalyst_9300:-:::::::*
cisco	catalyst_9300-24p-a	-	cpe:2.3:h:cisco:catalyst_9300-24p-a:-:::::::*
cisco	catalyst_9300-24p-e	-	cpe:2.3:h:cisco:catalyst_9300-24p-e:-:::::::*
cisco	catalyst_9300-24s-a	-	cpe:2.3:h:cisco:catalyst_9300-24s-a:-:::::::*
cisco	catalyst_9300-24s-e	-	cpe:2.3:h:cisco:catalyst_9300-24s-e:-:::::::*

Rows per page:

1-10 of 481

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XE Software ",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-sABD8hcU

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-20029