CVE-2023-20035

Published: Mar 23, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.

Affected (1)

Products: Cisco: Ios Xe Sd Wan

Cisco

1 product

Ios Xe Sd Wan

Configuration A

1 vulnerable · 39 platform

Vulnerable Software	Affected Versions
Cisco Ios Xe Sd Wan	All versions

Running on/with	Platform Versions
Cisco 1100 4g/6g Integrated Services Router	All versions
Cisco 1100 4p Integrated Services Router	All versions
Cisco 1100 8p Integrated Services Router	All versions
Cisco 1100 Integrated Services Router	All versions
Cisco 1101 4p Integrated Services Router	All versions
Cisco 1101 Integrated Services Router	All versions
Cisco 1109 2p Integrated Services Router	All versions
Cisco 1109 4p Integrated Services Router	All versions
Cisco 1109 Integrated Services Router	All versions
Cisco 1120 Integrated Services Router	All versions
Cisco 1131 Integrated Services Router	All versions
Cisco 1160 Integrated Services Router	All versions
Cisco 4221 Integrated Services Router	All versions
Cisco 4321 Integrated Services Router	All versions
Cisco 4331 Integrated Services Router	All versions
Cisco 4351 Integrated Services Router	All versions
Cisco 4431 Integrated Services Router	All versions
Cisco 4451 X Integrated Services Router	All versions
Cisco 4451 Integrated Services Router	All versions
Cisco 4461 Integrated Services Router	All versions
Cisco Asr 1001 X	All versions
Cisco Asr 1002 Hx	All versions
Cisco Asr 1006 X	All versions
Cisco Asr 1009 X	All versions
Cisco Catalyst 8000v Edge	All versions
Cisco Catalyst 8200	All versions
Cisco Catalyst 8300	All versions
Cisco Catalyst 8300 1n1s 4t2x	All versions
Cisco Catalyst 8300 1n1s 6t	All versions
Cisco Catalyst 8300 2n2s 4t2x	All versions
Cisco Catalyst 8300 2n2s 6t	All versions
Cisco Catalyst 8500	All versions
Cisco Catalyst 8500 4qc	All versions
Cisco Catalyst 8500l	All versions
Cisco Catalyst 8510csr	All versions
Cisco Catalyst 8510msr	All versions
Cisco Catalyst 8540csr	All versions
Cisco Catalyst 8540msr	All versions
Cisco Csr 1000v	All versions

Related CWEs

CWE-146

Improper Neutralization of Expression/Command Delimiters

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component.

References (2)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw

Source: psirt@cisco.com

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.