VDB
CVE-2023-20231
CVE-2023-20231
PUBLISHED
Es besteht eine Schwachstelle in Cisco IOS XE. Dieser Fehler besteht in der Web UI Komponente aufgrund einer unzureichenden Eingabevalidierung. Durch das Senden von manipulierten Eingaben kann ein entfernter, authentifizierter Angreifer diese Schwachstelle zur Ausführung von beliebigem Code ausnutzen.
EPSS 0.64% · 70.9th percentile
Risk Scores
EPSS Score
0.64%
70.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XE |
Exploit Intelligence
- cisco-sa-webui-cmdij-FzZAeXAy (circl)
Timeline
- Sep 27, 2023 CVE Published
- Sep 28, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
- Dec 1, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 3, 2024 EPSS Score
- Mar 5, 2024 EPSS Score
- Apr 6, 2024 EPSS Score
- May 8, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 12, 2024 EPSS Score
- Sep 13, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2509.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2509 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlre-H93FswRz advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-l2tp-dos-eB5tuFmV advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat3k-dos-ZZA4Gb3r advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y advisory