Lucene search

[email protected]CVE-2023-20266

HistoryAug 30, 2023 - 5:15 p.m.

CVE-2023-20266

2023-08-3017:15:08

CWE-347

CWE-269

[email protected]

web.nvd.nist.gov

cisco

emergency responder

unified communications manager

unity connection

vulnerability

privilege elevation

nvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.8%

JSON

A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device.

This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device.

Affected configurations

NVD

Node

ciscoemergency_responderMatch12.5.1su4

ciscoemergency_responderMatch12.5.1su8a

ciscoemergency_responderMatch14su3

ciscounified_communications_managerMatch12.5.1su8-

ciscounified_communications_managerMatch12.5.1su8session_management

ciscounity_connectionMatch12.5\(1\)su6

ciscounity_connectionMatch12.5\(1\)su7

ciscounity_connectionMatch12.5\(1\)su8

ciscounity_connectionMatch14su2

ciscounity_connectionMatch14su3

CPENameOperatorVersion
cisco:emergency_respondercisco emergency respondereq12.5.1su4
cisco:emergency_respondercisco emergency respondereq12.5.1su8a
cisco:emergency_respondercisco emergency respondereq14su3
cisco:unified_communications_managercisco unified communications managereq12.5.1su8
cisco:unity_connectioncisco unity connectioneq12.5\(1\)su6
cisco:unity_connectioncisco unity connectioneq12.5\(1\)su7
cisco:unity_connectioncisco unity connectioneq12.5\(1\)su8
cisco:unity_connectioncisco unity connectioneq14su2
cisco:unity_connectioncisco unity connectioneq14su3

CPE	Name	Operator	Version
cisco:emergency_responder	cisco emergency responder	eq	12.5.1su4
cisco:emergency_responder	cisco emergency responder	eq	12.5.1su8a
cisco:emergency_responder	cisco emergency responder	eq	14su3
cisco:unified_communications_manager	cisco unified communications manager	eq	12.5.1su8
cisco:unity_connection	cisco unity connection	eq	12.5\(1\)su6
cisco:unity_connection	cisco unity connection	eq	12.5\(1\)su7
cisco:unity_connection	cisco unity connection	eq	12.5\(1\)su8
cisco:unity_connection	cisco unity connection	eq	14su2
cisco:unity_connection	cisco unity connection	eq	14su3

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Emergency Responder",
    "versions": [
      {
        "version": "12.5(1)SU4",
        "status": "affected"
      },
      {
        "version": "12.5(1)SU8a",
        "status": "affected"
      },
      {
        "version": "14SU3",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Unity Connection",
    "versions": [
      {
        "version": "12.5(1)SU6",
        "status": "affected"
      },
      {
        "version": "12.5(1)SU7",
        "status": "affected"
      },
      {
        "version": "12.5(1)SU8",
        "status": "affected"
      },
      {
        "version": "14SU2",
        "status": "affected"
      },
      {
        "version": "14SU3",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Unified Communications Manager",
    "versions": [
      {
        "version": "12.5(1)SU8",
        "status": "affected"
      }
    ]
  }
]