CVE-2023-20273

Published: Oct 25, 2023Modified: Oct 28, 2025CISA KEV

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Affected (189)

Products: Cisco: Ios Xe

Cisco

1 product

Ios Xe

Configuration A

185 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios Xe	Version 16.1.1
Cisco Ios Xe	Version 16.1.2
Cisco Ios Xe	Version 16.1.3
Cisco Ios Xe	Version 16.10.1
Cisco Ios Xe	Version 16.10.1a
Cisco Ios Xe	Version 16.10.1b
Cisco Ios Xe	Version 16.10.1c
Cisco Ios Xe	Version 16.10.1d
Cisco Ios Xe	Version 16.10.1e
Cisco Ios Xe	Version 16.10.1f
Cisco Ios Xe	Version 16.10.1g
Cisco Ios Xe	Version 16.10.1s
Cisco Ios Xe	Version 16.10.2
Cisco Ios Xe	Version 16.10.3
Cisco Ios Xe	Version 16.11.1
Cisco Ios Xe	Version 16.11.1a
Cisco Ios Xe	Version 16.11.1b
Cisco Ios Xe	Version 16.11.1s
Cisco Ios Xe	Version 16.11.2
Cisco Ios Xe	Version 16.12.10
Cisco Ios Xe	Version 16.12.1
Cisco Ios Xe	Version 16.12.1a
Cisco Ios Xe	Version 16.12.1c
Cisco Ios Xe	Version 16.12.1s
Cisco Ios Xe	Version 16.12.1t
Cisco Ios Xe	Version 16.12.1w
Cisco Ios Xe	Version 16.12.1x
Cisco Ios Xe	Version 16.12.1y
Cisco Ios Xe	Version 16.12.1z1
Cisco Ios Xe	Version 16.12.1z2
Cisco Ios Xe	Version 16.12.2
Cisco Ios Xe	Version 16.12.2a
Cisco Ios Xe	Version 16.12.2s
Cisco Ios Xe	Version 16.12.3
Cisco Ios Xe	Version 16.12.3a
Cisco Ios Xe	Version 16.12.3s
Cisco Ios Xe	Version 16.12.4
Cisco Ios Xe	Version 16.12.4a
Cisco Ios Xe	Version 16.12.5
Cisco Ios Xe	Version 16.12.5a
Cisco Ios Xe	Version 16.12.5b
Cisco Ios Xe	Version 16.12.6
Cisco Ios Xe	Version 16.12.6a
Cisco Ios Xe	Version 16.12.7
Cisco Ios Xe	Version 16.12.8
Cisco Ios Xe	Version 16.12.9
Cisco Ios Xe	Version 16.2.1
Cisco Ios Xe	Version 16.2.2
Cisco Ios Xe	Version 16.3.10
Cisco Ios Xe	Version 16.3.11
Cisco Ios Xe	Version 16.3.1a
Cisco Ios Xe	Version 16.3.2
Cisco Ios Xe	Version 16.3.3
Cisco Ios Xe	Version 16.3.4
Cisco Ios Xe	Version 16.3.5
Cisco Ios Xe	Version 16.3.5b
Cisco Ios Xe	Version 16.3.6
Cisco Ios Xe	Version 16.3.7
Cisco Ios Xe	Version 16.3.8
Cisco Ios Xe	Version 16.3.9
Cisco Ios Xe	Version 16.4.1
Cisco Ios Xe	Version 16.4.2
Cisco Ios Xe	Version 16.4.3
Cisco Ios Xe	Version 16.5.1
Cisco Ios Xe	Version 16.5.1a
Cisco Ios Xe	Version 16.5.1b
Cisco Ios Xe	Version 16.5.2
Cisco Ios Xe	Version 16.5.3
Cisco Ios Xe	Version 16.6.10
Cisco Ios Xe	Version 16.6.1
Cisco Ios Xe	Version 16.6.2
Cisco Ios Xe	Version 16.6.3
Cisco Ios Xe	Version 16.6.4
Cisco Ios Xe	Version 16.6.4a
Cisco Ios Xe	Version 16.6.5
Cisco Ios Xe	Version 16.6.5a
Cisco Ios Xe	Version 16.6.6
Cisco Ios Xe	Version 16.6.7
Cisco Ios Xe	Version 16.6.8
Cisco Ios Xe	Version 16.6.9
Cisco Ios Xe	Version 16.7.1
Cisco Ios Xe	Version 16.7.1a
Cisco Ios Xe	Version 16.7.1b
Cisco Ios Xe	Version 16.7.2
Cisco Ios Xe	Version 16.7.3
Cisco Ios Xe	Version 16.7.4
Cisco Ios Xe	Version 16.8.1
Cisco Ios Xe	Version 16.8.1a
Cisco Ios Xe	Version 16.8.1b
Cisco Ios Xe	Version 16.8.1c
Cisco Ios Xe	Version 16.8.1d
Cisco Ios Xe	Version 16.8.1e
Cisco Ios Xe	Version 16.8.1s
Cisco Ios Xe	Version 16.8.2
Cisco Ios Xe	Version 16.8.3
Cisco Ios Xe	Version 16.9.1
Cisco Ios Xe	Version 16.9.1a
Cisco Ios Xe	Version 16.9.1b
Cisco Ios Xe	Version 16.9.1s
Cisco Ios Xe	Version 16.9.2
Cisco Ios Xe	Version 16.9.3
Cisco Ios Xe	Version 16.9.3a
Cisco Ios Xe	Version 16.9.4
Cisco Ios Xe	Version 16.9.5
Cisco Ios Xe	Version 16.9.5f
Cisco Ios Xe	Version 16.9.6
Cisco Ios Xe	Version 16.9.7
Cisco Ios Xe	Version 16.9.8
Cisco Ios Xe	Version 17.1.1
Cisco Ios Xe	Version 17.1.1a
Cisco Ios Xe	Version 17.1.1s
Cisco Ios Xe	Version 17.1.1t
Cisco Ios Xe	Version 17.1.3
Cisco Ios Xe	Version 17.10.1
Cisco Ios Xe	Version 17.10.1a
Cisco Ios Xe	Version 17.10.1b
Cisco Ios Xe	Version 17.11.1
Cisco Ios Xe	Version 17.11.1a
Cisco Ios Xe	Version 17.11.99sw
Cisco Ios Xe	Version 17.12.1
Cisco Ios Xe	Version 17.12.1a
Cisco Ios Xe	Version 17.2.1
Cisco Ios Xe	Version 17.2.1a
Cisco Ios Xe	Version 17.2.1r
Cisco Ios Xe	Version 17.2.1v
Cisco Ios Xe	Version 17.2.2
Cisco Ios Xe	Version 17.2.3
Cisco Ios Xe	Version 17.3.1
Cisco Ios Xe	Version 17.3.1a
Cisco Ios Xe	Version 17.3.1w
Cisco Ios Xe	Version 17.3.1x
Cisco Ios Xe	Version 17.3.1z
Cisco Ios Xe	Version 17.3.2
Cisco Ios Xe	Version 17.3.2a
Cisco Ios Xe	Version 17.3.3
Cisco Ios Xe	Version 17.3.4
Cisco Ios Xe	Version 17.3.4a
Cisco Ios Xe	Version 17.3.4b
Cisco Ios Xe	Version 17.3.4c
Cisco Ios Xe	Version 17.3.5
Cisco Ios Xe	Version 17.3.5a
Cisco Ios Xe	Version 17.3.5b
Cisco Ios Xe	Version 17.3.6
Cisco Ios Xe	Version 17.3.7
Cisco Ios Xe	Version 17.3.8
Cisco Ios Xe	Version 17.4.1
Cisco Ios Xe	Version 17.4.1a
Cisco Ios Xe	Version 17.4.1b
Cisco Ios Xe	Version 17.4.2
Cisco Ios Xe	Version 17.4.2a
Cisco Ios Xe	Version 17.5.1
Cisco Ios Xe	Version 17.5.1a
Cisco Ios Xe	Version 17.5.1b
Cisco Ios Xe	Version 17.5.1c
Cisco Ios Xe	Version 17.6.1
Cisco Ios Xe	Version 17.6.1a
Cisco Ios Xe	Version 17.6.1w
Cisco Ios Xe	Version 17.6.1x
Cisco Ios Xe	Version 17.6.1y
Cisco Ios Xe	Version 17.6.1z1
Cisco Ios Xe	Version 17.6.1z
Cisco Ios Xe	Version 17.6.2
Cisco Ios Xe	Version 17.6.3
Cisco Ios Xe	Version 17.6.3a
Cisco Ios Xe	Version 17.6.4
Cisco Ios Xe	Version 17.6.5
Cisco Ios Xe	Version 17.6.6
Cisco Ios Xe	Version 17.7.1
Cisco Ios Xe	Version 17.7.1a
Cisco Ios Xe	Version 17.7.1b
Cisco Ios Xe	Version 17.7.2
Cisco Ios Xe	Version 17.8.1
Cisco Ios Xe	Version 17.8.1a
Cisco Ios Xe	Version 17.9.1
Cisco Ios Xe	Version 17.9.1a
Cisco Ios Xe	Version 17.9.1w
Cisco Ios Xe	Version 17.9.1x1
Cisco Ios Xe	Version 17.9.1x
Cisco Ios Xe	Version 17.9.1y1
Cisco Ios Xe	Version 17.9.1y
Cisco Ios Xe	Version 17.9.2
Cisco Ios Xe	Version 17.9.2a
Cisco Ios Xe	Version 17.9.3
Cisco Ios Xe	Version 17.9.3a
Cisco Ios Xe	Version 17.9.4

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios Xe	From 17.3 to 17.3.8a
Cisco Ios Xe	From 17.6 to 17.6.6a
Cisco Ios Xe	From 17.9 to 17.9.4a

Configuration C

1 vulnerable · 123 platform

Vulnerable Software	Affected Versions
Cisco Ios Xe	From 16.12 to 16.12.10a

Running on/with	Platform Versions
Cisco Catalyst 3650	All versions
Cisco Catalyst 3650 12x48fd E	All versions
Cisco Catalyst 3650 12x48fd L	All versions
Cisco Catalyst 3650 12x48fd S	All versions
Cisco Catalyst 3650 12x48uq	All versions
Cisco Catalyst 3650 12x48uq E	All versions
Cisco Catalyst 3650 12x48uq L	All versions
Cisco Catalyst 3650 12x48uq S	All versions
Cisco Catalyst 3650 12x48ur	All versions
Cisco Catalyst 3650 12x48ur E	All versions
Cisco Catalyst 3650 12x48ur L	All versions
Cisco Catalyst 3650 12x48ur S	All versions
Cisco Catalyst 3650 12x48uz	All versions
Cisco Catalyst 3650 12x48uz E	All versions
Cisco Catalyst 3650 12x48uz L	All versions
Cisco Catalyst 3650 12x48uz S	All versions
Cisco Catalyst 3650 24pd	All versions
Cisco Catalyst 3650 24pd E	All versions
Cisco Catalyst 3650 24pd L	All versions
Cisco Catalyst 3650 24pd S	All versions
Cisco Catalyst 3650 24pdm	All versions
Cisco Catalyst 3650 24pdm E	All versions
Cisco Catalyst 3650 24pdm L	All versions
Cisco Catalyst 3650 24pdm S	All versions
Cisco Catalyst 3650 24ps E	All versions
Cisco Catalyst 3650 24ps L	All versions
Cisco Catalyst 3650 24ps S	All versions
Cisco Catalyst 3650 24td E	All versions
Cisco Catalyst 3650 24td L	All versions
Cisco Catalyst 3650 24td S	All versions
Cisco Catalyst 3650 24ts E	All versions
Cisco Catalyst 3650 24ts L	All versions
Cisco Catalyst 3650 24ts S	All versions
Cisco Catalyst 3650 48fd E	All versions
Cisco Catalyst 3650 48fd L	All versions
Cisco Catalyst 3650 48fd S	All versions
Cisco Catalyst 3650 48fq	All versions
Cisco Catalyst 3650 48fq E	All versions
Cisco Catalyst 3650 48fq L	All versions
Cisco Catalyst 3650 48fq S	All versions
Cisco Catalyst 3650 48fqm	All versions
Cisco Catalyst 3650 48fqm E	All versions
Cisco Catalyst 3650 48fqm L	All versions
Cisco Catalyst 3650 48fqm S	All versions
Cisco Catalyst 3650 48fs E	All versions
Cisco Catalyst 3650 48fs L	All versions
Cisco Catalyst 3650 48fs S	All versions
Cisco Catalyst 3650 48pd E	All versions
Cisco Catalyst 3650 48pd L	All versions
Cisco Catalyst 3650 48pd S	All versions
Cisco Catalyst 3650 48pq E	All versions
Cisco Catalyst 3650 48pq L	All versions
Cisco Catalyst 3650 48pq S	All versions
Cisco Catalyst 3650 48ps E	All versions
Cisco Catalyst 3650 48ps L	All versions
Cisco Catalyst 3650 48ps S	All versions
Cisco Catalyst 3650 48td E	All versions
Cisco Catalyst 3650 48td L	All versions
Cisco Catalyst 3650 48td S	All versions
Cisco Catalyst 3650 48tq E	All versions
Cisco Catalyst 3650 48tq L	All versions
Cisco Catalyst 3650 48tq S	All versions
Cisco Catalyst 3650 48ts E	All versions
Cisco Catalyst 3650 48ts L	All versions
Cisco Catalyst 3650 48ts S	All versions
Cisco Catalyst 3650 8x24pd E	All versions
Cisco Catalyst 3650 8x24pd L	All versions
Cisco Catalyst 3650 8x24pd S	All versions
Cisco Catalyst 3650 8x24uq	All versions
Cisco Catalyst 3650 8x24uq E	All versions
Cisco Catalyst 3650 8x24uq L	All versions
Cisco Catalyst 3650 8x24uq S	All versions
Cisco Catalyst 3850	All versions
Cisco Catalyst 3850 12s E	All versions
Cisco Catalyst 3850 12s S	All versions
Cisco Catalyst 3850 12x48u	All versions
Cisco Catalyst 3850 12xs E	All versions
Cisco Catalyst 3850 12xs S	All versions
Cisco Catalyst 3850 16xs E	All versions
Cisco Catalyst 3850 16xs S	All versions
Cisco Catalyst 3850 24p E	All versions
Cisco Catalyst 3850 24p L	All versions
Cisco Catalyst 3850 24p S	All versions
Cisco Catalyst 3850 24pw S	All versions
Cisco Catalyst 3850 24s E	All versions
Cisco Catalyst 3850 24s S	All versions
Cisco Catalyst 3850 24t E	All versions
Cisco Catalyst 3850 24t L	All versions
Cisco Catalyst 3850 24t S	All versions
Cisco Catalyst 3850 24u	All versions
Cisco Catalyst 3850 24u E	All versions
Cisco Catalyst 3850 24u L	All versions
Cisco Catalyst 3850 24u S	All versions
Cisco Catalyst 3850 24xs	All versions
Cisco Catalyst 3850 24xs E	All versions
Cisco Catalyst 3850 24xs S	All versions
Cisco Catalyst 3850 24xu	All versions
Cisco Catalyst 3850 24xu E	All versions
Cisco Catalyst 3850 24xu L	All versions
Cisco Catalyst 3850 24xu S	All versions
Cisco Catalyst 3850 32xs E	All versions
Cisco Catalyst 3850 32xs S	All versions
Cisco Catalyst 3850 48f E	All versions
Cisco Catalyst 3850 48f L	All versions
Cisco Catalyst 3850 48f S	All versions
Cisco Catalyst 3850 48p E	All versions
Cisco Catalyst 3850 48p L	All versions
Cisco Catalyst 3850 48p S	All versions
Cisco Catalyst 3850 48pw S	All versions
Cisco Catalyst 3850 48t E	All versions
Cisco Catalyst 3850 48t L	All versions
Cisco Catalyst 3850 48t S	All versions
Cisco Catalyst 3850 48u	All versions
Cisco Catalyst 3850 48u E	All versions
Cisco Catalyst 3850 48u L	All versions
Cisco Catalyst 3850 48u S	All versions
Cisco Catalyst 3850 48xs	All versions
Cisco Catalyst 3850 48xs E	All versions
Cisco Catalyst 3850 48xs F E	All versions
Cisco Catalyst 3850 48xs F S	All versions
Cisco Catalyst 3850 48xs S	All versions
Cisco Catalyst 3850 Nm 2 40g	All versions
Cisco Catalyst 3850 Nm 8 10g	All versions

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (3)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Source: psirt@cisco.com

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-20273

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.