7.8

CVE-2023-20029

EPSS 0.02%
Published 23.03.2023 17:15:13
Last modified 21.11.2024 07:40:23
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the Meraki onboarding feature of Cisco IOS XE Software could allow an authenticated, local attacker to gain root level privileges on an affected device. This vulnerability is due to insufficient memory protection in the Meraki onboarding feature of an affected device. An attacker could exploit this vulnerability by modifying the Meraki registration parameters. A successful exploit could allow the attacker to elevate privileges to root.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ios Xe Version17.7.1

   Cisco ≫ Catalyst 9200 Version-
   Cisco ≫ Catalyst 9200cx Version-
   Cisco ≫ Catalyst 9200l Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24s-a Version-
   Cisco ≫ Catalyst 9300-24s-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-24ux-a Version-
   Cisco ≫ Catalyst 9300-24ux-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48s-a Version-
   Cisco ≫ Catalyst 9300-48s-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9300-48un-a Version-
   Cisco ≫ Catalyst 9300-48un-e Version-
   Cisco ≫ Catalyst 9300-48uxm-a Version-
   Cisco ≫ Catalyst 9300-48uxm-e Version-
   Cisco ≫ Catalyst 9300l Version-
   Cisco ≫ Catalyst 9300l-24p-4g-a Version-
   Cisco ≫ Catalyst 9300l-24p-4g-e Version-
   Cisco ≫ Catalyst 9300l-24p-4x-a Version-
   Cisco ≫ Catalyst 9300l-24p-4x-e Version-
   Cisco ≫ Catalyst 9300l-24t-4g-a Version-
   Cisco ≫ Catalyst 9300l-24t-4g-e Version-
   Cisco ≫ Catalyst 9300l-24t-4x-a Version-
   Cisco ≫ Catalyst 9300l-24t-4x-e Version-
   Cisco ≫ Catalyst 9300l-48p-4g-a Version-
   Cisco ≫ Catalyst 9300l-48p-4g-e Version-
   Cisco ≫ Catalyst 9300l-48p-4x-a Version-
   Cisco ≫ Catalyst 9300l-48p-4x-e Version-
   Cisco ≫ Catalyst 9300l-48t-4g-a Version-
   Cisco ≫ Catalyst 9300l-48t-4g-e Version-
   Cisco ≫ Catalyst 9300l-48t-4x-a Version-
   Cisco ≫ Catalyst 9300l-48t-4x-e Version-
   Cisco ≫ Catalyst 9300l Stack Version-
   Cisco ≫ Catalyst 9300lm Version-
   Cisco ≫ Catalyst 9300x Version-

Cisco ≫ Ios Xe Version17.8.1

   Cisco ≫ Catalyst 9200 Version-
   Cisco ≫ Catalyst 9200cx Version-
   Cisco ≫ Catalyst 9200l Version-
   Cisco ≫ Catalyst 9300 Version-
   Cisco ≫ Catalyst 9300-24p-a Version-
   Cisco ≫ Catalyst 9300-24p-e Version-
   Cisco ≫ Catalyst 9300-24s-a Version-
   Cisco ≫ Catalyst 9300-24s-e Version-
   Cisco ≫ Catalyst 9300-24t-a Version-
   Cisco ≫ Catalyst 9300-24t-e Version-
   Cisco ≫ Catalyst 9300-24u-a Version-
   Cisco ≫ Catalyst 9300-24u-e Version-
   Cisco ≫ Catalyst 9300-24ux-a Version-
   Cisco ≫ Catalyst 9300-24ux-e Version-
   Cisco ≫ Catalyst 9300-48p-a Version-
   Cisco ≫ Catalyst 9300-48p-e Version-
   Cisco ≫ Catalyst 9300-48s-a Version-
   Cisco ≫ Catalyst 9300-48s-e Version-
   Cisco ≫ Catalyst 9300-48t-a Version-
   Cisco ≫ Catalyst 9300-48t-e Version-
   Cisco ≫ Catalyst 9300-48u-a Version-
   Cisco ≫ Catalyst 9300-48u-e Version-
   Cisco ≫ Catalyst 9300-48un-a Version-
   Cisco ≫ Catalyst 9300-48un-e Version-
   Cisco ≫ Catalyst 9300-48uxm-a Version-
   Cisco ≫ Catalyst 9300-48uxm-e Version-
   Cisco ≫ Catalyst 9300l Version-
   Cisco ≫ Catalyst 9300l-24p-4g-a Version-
   Cisco ≫ Catalyst 9300l-24p-4g-e Version-
   Cisco ≫ Catalyst 9300l-24p-4x-a Version-
   Cisco ≫ Catalyst 9300l-24p-4x-e Version-
   Cisco ≫ Catalyst 9300l-24t-4g-a Version-
   Cisco ≫ Catalyst 9300l-24t-4g-e Version-
   Cisco ≫ Catalyst 9300l-24t-4x-a Version-
   Cisco ≫ Catalyst 9300l-24t-4x-e Version-
   Cisco ≫ Catalyst 9300l-48p-4g-a Version-
   Cisco ≫ Catalyst 9300l-48p-4g-e Version-
   Cisco ≫ Catalyst 9300l-48p-4x-a Version-
   Cisco ≫ Catalyst 9300l-48p-4x-e Version-
   Cisco ≫ Catalyst 9300l-48t-4g-a Version-
   Cisco ≫ Catalyst 9300l-48t-4g-e Version-
   Cisco ≫ Catalyst 9300l-48t-4x-a Version-
   Cisco ≫ Catalyst 9300l-48t-4x-e Version-
   Cisco ≫ Catalyst 9300l Stack Version-
   Cisco ≫ Catalyst 9300lm Version-
   Cisco ≫ Catalyst 9300x Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.039

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
psirt@cisco.com	4.4	0.8	3.6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-priv-esc-sABD8hcU

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-20029

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-20029

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-20029

EUVD