CVE-2023-20234

Published: Aug 23, 2023Modified: Nov 21, 2024

6.0

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Exploitability: 0.8 / Impact: 5.2

Source: NVD

Description

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

Affected (1)

Products: Cisco: Firepower Extensible Operating System

Cisco

1 product

Firepower Extensible Operating System

Configuration A

1 vulnerable · 42 platform

Vulnerable Software	Affected Versions
Cisco Firepower Extensible Operating System	All versions

Running on/with	Platform Versions
Cisco Firepower 1000	All versions
Cisco Firepower 1010	All versions
Cisco Firepower 1020	All versions
Cisco Firepower 1030	All versions
Cisco Firepower 1040	All versions
Cisco Firepower 2100	All versions
Cisco Firepower 2110	All versions
Cisco Firepower 2120	All versions
Cisco Firepower 2130	All versions
Cisco Firepower 2140	All versions
Cisco Firepower 4100	All versions
Cisco Firepower 4110	All versions
Cisco Firepower 4110 Next Generation Firewall	All versions
Cisco Firepower 4112	All versions
Cisco Firepower 4115	All versions
Cisco Firepower 4120	All versions
Cisco Firepower 4120 Next Generation Firewall	All versions
Cisco Firepower 4125	All versions
Cisco Firepower 4140	All versions
Cisco Firepower 4140 Next Generation Firewall	All versions
Cisco Firepower 4145	All versions
Cisco Firepower 4150	All versions
Cisco Firepower 4150 Next Generation Firewall	All versions
Cisco Firepower 9300	All versions
Cisco Firepower 9300 Security Appliance	All versions
Cisco Firepower 9300 Sm 24	All versions
Cisco Firepower 9300 Sm 36	All versions
Cisco Firepower 9300 Sm 40	All versions
Cisco Firepower 9300 Sm 44	All versions
Cisco Firepower 9300 Sm 44 X 3	All versions
Cisco Firepower 9300 Sm 48	All versions
Cisco Firepower 9300 Sm 56	All versions
Cisco Firepower 9300 Sm 56 X 3	All versions
Cisco Firepower 9300 With 1 Sm 24 Module	All versions
Cisco Firepower 9300 With 1 Sm 36 Module	All versions
Cisco Firepower 9300 With 1 Sm 44 Module	All versions
Cisco Firepower 9300 With 3 Sm 44 Module	All versions
Cisco Secure Firewall 3105	All versions
Cisco Secure Firewall 3110	All versions
Cisco Secure Firewall 3120	All versions
Cisco Secure Firewall 3130	All versions
Cisco Secure Firewall 3140	All versions

Related CWEs

CWE-73

External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (2)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL

Source: psirt@cisco.com

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.