Jun 28, 2023 - 3:15 p.m.

CVE-2023-20136

2023-06-28 15:15:09
CWE-269
CWE-648
cisco
web.nvd.nist.gov
cisco
secure workload
openapi
vulnerability
unauthorized operations
read-only user
nvd
cve-2023-20136

CVSS3: 6.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score: 6.5
Confidence: High

EPSS: 0.001
Percentile: 26.2%

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials.

This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels.

Affected configurations

Nvd

Node: cisco secure_workload, Range: <3.7.1.40

Vendor    Product            Version    CPE
cisco     secure_workload    *          cpe:2.3:a:cisco:secure_workload:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Workload",
    "versions": [
      {
        "version": "1.102.21",
        "status": "affected"
      },
      {
        "version": "1.103.1.12",
        "status": "affected"
      },
      {
        "version": "2.0.1.34",
        "status": "affected"
      },
      {
        "version": "2.0.2.20",
        "status": "affected"
      },
      {
        "version": "2.1.1.29",
        "status": "affected"
      },
      {
        "version": "2.1.1.31",
        "status": "affected"
      },
      {
        "version": "2.1.1.33",
        "status": "affected"
      },
      {
        "version": "2.2.1.34",
        "status": "affected"
      },
      {
        "version": "2.2.1.35",
        "status": "affected"
      },
      {
        "version": "2.2.1.39",
        "status": "affected"
      },
      {
        "version": "2.2.1.41",
        "status": "affected"
      },
      {
        "version": "2.3.1.41",
        "status": "affected"
      },
      {
        "version": "2.3.1.45",
        "status": "affected"
      },
      {
        "version": "2.3.1.49",
        "status": "affected"
      },
      {
        "version": "2.3.1.50",
        "status": "affected"
      },
      {
        "version": "2.3.1.51",
        "status": "affected"
      },
      {
        "version": "2.3.1.52",
        "status": "affected"
      },
      {
        "version": "2.3.1.53",
        "status": "affected"
      },
      {
        "version": "3.1.1.53",
        "status": "affected"
      },
      {
        "version": "3.1.1.54",
        "status": "affected"
      },
      {
        "version": "3.1.1.55",
        "status": "affected"
      },
      {
        "version": "3.1.1.59",
        "status": "affected"
      },
      {
        "version": "3.1.1.61",
        "status": "affected"
      },
      {
        "version": "3.1.1.65",
        "status": "affected"
      },
      {
        "version": "3.1.1.67",
        "status": "affected"
      },
      {
        "version": "3.1.1.70",
        "status": "affected"
      },
      {
        "version": "3.2.1.18",
        "status": "affected"
      },
      {
        "version": "3.2.1.19",
        "status": "affected"
      },
      {
        "version": "3.2.1.20",
        "status": "affected"
      },
      {
        "version": "3.2.1.28",
        "status": "affected"
      },
      {
        "version": "3.2.1.31",
        "status": "affected"
      },
      {
        "version": "3.2.1.32",
        "status": "affected"
      },
      {
        "version": "3.2.1.33",
        "status": "affected"
      },
      {
        "version": "3.3.2.12",
        "status": "affected"
      },
      {
        "version": "3.3.2.16",
        "status": "affected"
      },
      {
        "version": "3.3.2.2",
        "status": "affected"
      },
      {
        "version": "3.3.2.23",
        "status": "affected"
      },
      {
        "version": "3.3.2.28",
        "status": "affected"
      },
      {
        "version": "3.3.2.33",
        "status": "affected"
      },
      {
        "version": "3.3.2.35",
        "status": "affected"
      },
      {
        "version": "3.3.2.42",
        "status": "affected"
      },
      {
        "version": "3.3.2.5",
        "status": "affected"
      },
      {
        "version": "3.3.2.50",
        "status": "affected"
      },
      {
        "version": "3.3.2.53",
        "status": "affected"
      },
      {
        "version": "3.4.1.1",
        "status": "affected"
      },
      {
        "version": "3.4.1.14",
        "status": "affected"
      },
      {
        "version": "3.4.1.19",
        "status": "affected"
      },
      {
        "version": "3.4.1.20",
        "status": "affected"
      },
      {
        "version": "3.4.1.28",
        "status": "affected"
      },
      {
        "version": "3.4.1.34",
        "status": "affected"
      },
      {
        "version": "3.4.1.35",
        "status": "affected"
      },
      {
        "version": "3.4.1.6",
        "status": "affected"
      },
      {
        "version": "3.4.1.40",
        "status": "affected"
      },
      {
        "version": "3.5.1.1",
        "status": "affected"
      },
      {
        "version": "3.5.1.17",
        "status": "affected"
      },
      {
        "version": "3.5.1.2",
        "status": "affected"
      },
      {
        "version": "3.5.1.20",
        "status": "affected"
      },
      {
        "version": "3.5.1.23",
        "status": "affected"
      },
      {
        "version": "3.5.1.30",
        "status": "affected"
      },
      {
        "version": "3.5.1.31",
        "status": "affected"
      },
      {
        "version": "3.5.1.37",
        "status": "affected"
      },
      {
        "version": "3.6.1.17",
        "status": "affected"
      },
      {
        "version": "3.6.1.21",
        "status": "affected"
      },
      {
        "version": "3.6.1.36",
        "status": "affected"
      },
      {
        "version": "3.6.1.47",
        "status": "affected"
      },
      {
        "version": "3.6.1.5",
        "status": "affected"
      },
      {
        "version": "3.6.1.52",
        "status": "affected"
      },
      {
        "version": "3.7.1.22",
        "status": "affected"
      },
      {
        "version": "3.7.1.5",
        "status": "affected"
      }
    ]
  }
]
