CVE-2023-20050
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.
Affected (4)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Cisco Mds 9000 | All versions |
Cisco Mds 9100 | All versions |
Cisco Mds 9132t | All versions |
Cisco Mds 9134 | All versions |
Cisco Mds 9140 | All versions |
Cisco Mds 9148 | All versions |
Cisco Mds 9148s | All versions |
Cisco Mds 9148t | All versions |
Cisco Mds 9200 | All versions |
Cisco Mds 9216 | All versions |
Cisco Mds 9216a | All versions |
Cisco Mds 9216i | All versions |
Cisco Mds 9222i | All versions |
Cisco Mds 9250i | All versions |
Cisco Mds 9396s | All versions |
Cisco Mds 9396t | All versions |
Cisco Mds 9500 | All versions |
Cisco Mds 9506 | All versions |
Cisco Mds 9509 | All versions |
Cisco Mds 9513 | All versions |
Cisco Mds 9700 | All versions |
Cisco Mds 9706 | All versions |
Cisco Mds 9710 | All versions |
Cisco Mds 9718 | All versions |
Cisco Nexus 1000 Virtual Edge | All versions |
Cisco Nexus 1000v | All versions |
Cisco Nexus 5500 | All versions |
Cisco Nexus 5548p | All versions |
Cisco Nexus 5548up | All versions |
Cisco Nexus 5596t | All versions |
Cisco Nexus 5596up | All versions |
Cisco Nexus 5600 | All versions |
Cisco Nexus 56128p | All versions |
Cisco Nexus 5624q | All versions |
Cisco Nexus 5648q | All versions |
Cisco Nexus 5672up | All versions |
Cisco Nexus 5672up 16g | All versions |
Cisco Nexus 5696q | All versions |
Cisco Nexus 6000 | All versions |
Cisco Nexus 6001 | All versions |
Cisco Nexus 6001p | All versions |
Cisco Nexus 6001t | All versions |
Cisco Nexus 6004 | All versions |
Cisco Nexus 6004x | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 8.2\(9\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 7000 | All versions |
Cisco Nexus 7004 | All versions |
Cisco Nexus 7009 | All versions |
Cisco Nexus 7010 | All versions |
Cisco Nexus 7018 | All versions |
Cisco Nexus 7700 | All versions |
Cisco Nexus 7702 | All versions |
Cisco Nexus 7706 | All versions |
Cisco Nexus 7710 | All versions |
Cisco Nexus 7718 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.2\(4\) |
| Running on/with | Platform Versions |
|---|---|
Cisco Nexus 3016 | All versions |
Cisco Nexus 3016q | All versions |
Cisco Nexus 3048 | All versions |
Cisco Nexus 3064 | All versions |
Cisco Nexus 3064 32t | All versions |
Cisco Nexus 3064 T | All versions |
Cisco Nexus 3064 X | All versions |
Cisco Nexus 3064t | All versions |
Cisco Nexus 3064x | All versions |
Cisco Nexus 3100 | All versions |
Cisco Nexus 3100 V | All versions |
Cisco Nexus 3100 Z | All versions |
Cisco Nexus 3100v | All versions |
Cisco Nexus 31108pc V | All versions |
Cisco Nexus 31108pv V | All versions |
Cisco Nexus 31108tc V | All versions |
Cisco Nexus 31128pq | All versions |
Cisco Nexus 3132c Z | All versions |
Cisco Nexus 3132q | All versions |
Cisco Nexus 3132q V | All versions |
Cisco Nexus 3132q X | All versions |
Cisco Nexus 3132q X/3132q Xl | All versions |
Cisco Nexus 3132q Xl | All versions |
Cisco Nexus 3164q | All versions |
Cisco Nexus 3172 | All versions |
Cisco Nexus 3172pq | All versions |
Cisco Nexus 3172pq Xl | All versions |
Cisco Nexus 3172pq/pq Xl | All versions |
Cisco Nexus 3172tq | All versions |
Cisco Nexus 3172tq 32t | All versions |
Cisco Nexus 3172tq Xl | All versions |
Cisco Nexus 3200 | All versions |
Cisco Nexus 3232c | All versions |
Cisco Nexus 3232c | All versions |
Cisco Nexus 3264c E | All versions |
Cisco Nexus 3264q | All versions |
Cisco Nexus 3400 | All versions |
Cisco Nexus 3408 S | All versions |
Cisco Nexus 34180yc | All versions |
Cisco Nexus 34200yc Sm | All versions |
Cisco Nexus 3432d S | All versions |
Cisco Nexus 3464c | All versions |
Cisco Nexus 3500 | All versions |
Cisco Nexus 3524 | All versions |
Cisco Nexus 3524 X | All versions |
Cisco Nexus 3524 X/xl | All versions |
Cisco Nexus 3524 Xl | All versions |
Cisco Nexus 3548 | All versions |
Cisco Nexus 3548 X | All versions |
Cisco Nexus 3548 X/xl | All versions |
Cisco Nexus 3548 Xl | All versions |
Cisco Nexus 3600 | All versions |
Cisco Nexus 36180yc R | All versions |
Cisco Nexus 3636c R | All versions |
Cisco Nexus 9000 | All versions |
Cisco Nexus 9000v | All versions |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.