Lucene search
PRIOn knowledge basePRION:CVE-2023-20224HistoryAug 16, 2023 - 10:15 p.m.
Input validation
2023-08-1622:15:00
PRIOn knowledge base
www.prio-n.com
3
vulnerability
cisco thousandeyes
enterprise agent
virtual appliance
cli
input validation
privilege elevation
root access
crafted commands
user credentials
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An attacker could exploit this vulnerability by authenticating to an affected device and using crafted commands at the prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. The attacker must have valid credentials on the affected device.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thousandeyes_enterprise_agent | lt | 0.230 |
Related
korelogic
korelogic
cve
cve
CVE-2023-20224
2023-08-16 22:15:11
cvelist
cvelist
CVE-2023-20224
2023-08-16 21:43:47
packetstorm
packetstorm
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation
2023-08-18 00:00:00
nvd
nvd
CVE-2023-20224
2023-08-16 22:15:11
zdt
zdt
cisco
cisco