CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.

The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

Data provided by the National Vulnerability Database (NVD)
Cisco Firepower Extensible Operating System, Version: -
   Cisco Firepower 1000, Version: -
   Cisco Firepower 1010, Version: -
   Cisco Firepower 1020, Version: -
   Cisco Firepower 1030, Version: -
   Cisco Firepower 1040, Version: -
   Cisco Firepower 2100, Version: -
   Cisco Firepower 2110, Version: -
   Cisco Firepower 2120, Version: -
   Cisco Firepower 2130, Version: -
   Cisco Firepower 2140, Version: -
   Cisco Firepower 4100, Version: -
   Cisco Firepower 4110, Version: -
   Cisco Firepower 4110 Next-generation Firewall, Version: -
   Cisco Firepower 4112, Version: -
   Cisco Firepower 4115, Version: -
   Cisco Firepower 4120, Version: -
   Cisco Firepower 4120 Next-generation Firewall, Version: -
   Cisco Firepower 4125, Version: -
   Cisco Firepower 4140, Version: -
   Cisco Firepower 4140 Next-generation Firewall, Version: -
   Cisco Firepower 4145, Version: -
   Cisco Firepower 4150, Version: -
   Cisco Firepower 4150 Next-generation Firewall, Version: -
   Cisco Firepower 9300, Version: -
   Cisco Firepower 9300 Security Appliance, Version: -
   Cisco Firepower 9300 Sm-24, Version: -
   Cisco Firepower 9300 Sm-36, Version: -
   Cisco Firepower 9300 Sm-40, Version: -
   Cisco Firepower 9300 Sm-44, Version: -
   Cisco Firepower 9300 Sm-44 X 3, Version: -
   Cisco Firepower 9300 Sm-48, Version: -
   Cisco Firepower 9300 Sm-56, Version: -
   Cisco Firepower 9300 Sm-56 X 3, Version: -
   Cisco Firepower 9300 With 1 Sm-24 Module, Version: -
   Cisco Firepower 9300 With 1 Sm-36 Module, Version: -
   Cisco Firepower 9300 With 1 Sm-44 Module, Version: -
   Cisco Firepower 9300 With 3 Sm-44 Module, Version: -
   Cisco Secure Firewall 3105, Version: -
   Cisco Secure Firewall 3110, Version: -
   Cisco Secure Firewall 3120, Version: -
   Cisco Secure Firewall 3130, Version: -
   Cisco Secure Firewall 3140, Version: -

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics
Type  Source     Score  Percentile
EPSS  FIRST.org  0.02%  0.039

CVSS metrics
Source           Base Score  Exploit Score  Impact Score  Vector String
nvd@nist.gov     6           0.8            5.2           CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
psirt@cisco.com  4.4         0.8            3.6           CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CWE-73 External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.