7.8
CVE-2023-20029
- EPSS 0.02%
- Veröffentlicht 23.03.2023 17:15:13
- Zuletzt bearbeitet 21.11.2024 07:40:23
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ios Xe Version17.7.1
Cisco ≫ Catalyst 9200 Version-
Cisco ≫ Catalyst 9200cx Version-
Cisco ≫ Catalyst 9200l Version-
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Catalyst 9200cx Version-
Cisco ≫ Catalyst 9200l Version-
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Ios Xe Version17.8.1
Cisco ≫ Catalyst 9200 Version-
Cisco ≫ Catalyst 9200cx Version-
Cisco ≫ Catalyst 9200l Version-
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Cisco ≫ Catalyst 9200cx Version-
Cisco ≫ Catalyst 9200l Version-
Cisco ≫ Catalyst 9300 Version-
Cisco ≫ Catalyst 9300-24p-a Version-
Cisco ≫ Catalyst 9300-24p-e Version-
Cisco ≫ Catalyst 9300-24s-a Version-
Cisco ≫ Catalyst 9300-24s-e Version-
Cisco ≫ Catalyst 9300-24t-a Version-
Cisco ≫ Catalyst 9300-24t-e Version-
Cisco ≫ Catalyst 9300-24u-a Version-
Cisco ≫ Catalyst 9300-24u-e Version-
Cisco ≫ Catalyst 9300-24ux-a Version-
Cisco ≫ Catalyst 9300-24ux-e Version-
Cisco ≫ Catalyst 9300-48p-a Version-
Cisco ≫ Catalyst 9300-48p-e Version-
Cisco ≫ Catalyst 9300-48s-a Version-
Cisco ≫ Catalyst 9300-48s-e Version-
Cisco ≫ Catalyst 9300-48t-a Version-
Cisco ≫ Catalyst 9300-48t-e Version-
Cisco ≫ Catalyst 9300-48u-a Version-
Cisco ≫ Catalyst 9300-48u-e Version-
Cisco ≫ Catalyst 9300-48un-a Version-
Cisco ≫ Catalyst 9300-48un-e Version-
Cisco ≫ Catalyst 9300-48uxm-a Version-
Cisco ≫ Catalyst 9300-48uxm-e Version-
Cisco ≫ Catalyst 9300l Version-
Cisco ≫ Catalyst 9300l-24p-4g-a Version-
Cisco ≫ Catalyst 9300l-24p-4g-e Version-
Cisco ≫ Catalyst 9300l-24p-4x-a Version-
Cisco ≫ Catalyst 9300l-24p-4x-e Version-
Cisco ≫ Catalyst 9300l-24t-4g-a Version-
Cisco ≫ Catalyst 9300l-24t-4g-e Version-
Cisco ≫ Catalyst 9300l-24t-4x-a Version-
Cisco ≫ Catalyst 9300l-24t-4x-e Version-
Cisco ≫ Catalyst 9300l-48p-4g-a Version-
Cisco ≫ Catalyst 9300l-48p-4g-e Version-
Cisco ≫ Catalyst 9300l-48p-4x-a Version-
Cisco ≫ Catalyst 9300l-48p-4x-e Version-
Cisco ≫ Catalyst 9300l-48t-4g-a Version-
Cisco ≫ Catalyst 9300l-48t-4g-e Version-
Cisco ≫ Catalyst 9300l-48t-4x-a Version-
Cisco ≫ Catalyst 9300l-48t-4x-e Version-
Cisco ≫ Catalyst 9300l Stack Version-
Cisco ≫ Catalyst 9300lm Version-
Cisco ≫ Catalyst 9300x Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.039 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| psirt@cisco.com | 4.4 | 0.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().