CVE-2023-20046

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.

 This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.

   There are workarounds that address this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ciscoCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
ciscostaros
𝑥
< 21.22.14
ciscostaros
21.23.0 ≤
𝑥
< 21.23.31
ciscostaros
21.25.0 ≤
𝑥
< 21.25.15
ciscostaros
21.26.0 ≤
𝑥
< 21.26.17
ciscostaros
21.27.0 ≤
𝑥
< 21.27.6
ciscostaros
21.28.0 ≤
𝑥
< 21.28.3
ciscostaros
21.23.n:n
ciscostaros
21.24
ciscostaros
21.27.m:m
ciscostaros
21.28.m:m
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ciscoasr_5000_series
21.11.0
CNA
ciscoasr_5000_series
21.11.1
CNA
ciscoasr_5000_series
21.11.2
CNA
ciscoasr_5000_series
21.11.3
CNA
ciscoasr_5000_series
21.11.10
CNA
ciscoasr_5000_series
21.11.11
CNA
ciscoasr_5000_series
21.11.12
CNA
ciscoasr_5000_series
21.11.13
CNA
ciscoasr_5000_series
21.11.14
CNA
ciscoasr_5000_series
21.11.4
CNA
ciscoasr_5000_series
21.11.5
CNA
ciscoasr_5000_series
21.11.6
CNA
ciscoasr_5000_series
21.11.7
CNA
ciscoasr_5000_series
21.11.8
CNA
ciscoasr_5000_series
21.11.9
CNA
ciscoasr_5000_series
21.11.15
CNA
ciscoasr_5000_series
21.11.16
CNA
ciscoasr_5000_series
21.11.17
CNA
ciscoasr_5000_series
21.11.18
CNA
ciscoasr_5000_series
21.11.19
CNA
ciscoasr_5000_series
21.11.20
CNA
ciscoasr_5000_series
21.11.21
CNA
ciscoasr_5000_series
21.12.0
CNA
ciscoasr_5000_series
21.12.1
CNA
ciscoasr_5000_series
21.12.2
CNA
ciscoasr_5000_series
21.12.3
CNA
ciscoasr_5000_series
21.12.4
CNA
ciscoasr_5000_series
21.12.5
CNA
ciscoasr_5000_series
21.12.6
CNA
ciscoasr_5000_series
21.12.10
CNA
ciscoasr_5000_series
21.12.11
CNA
ciscoasr_5000_series
21.12.12
CNA
ciscoasr_5000_series
21.12.13
CNA
ciscoasr_5000_series
21.12.14
CNA
ciscoasr_5000_series
21.12.16
CNA
ciscoasr_5000_series
21.12.17
CNA
ciscoasr_5000_series
21.12.18
CNA
ciscoasr_5000_series
21.12.7
CNA
ciscoasr_5000_series
21.12.8
CNA
ciscoasr_5000_series
21.12.9
CNA
ciscoasr_5000_series
21.12.19
CNA
ciscoasr_5000_series
21.12.20
CNA
ciscoasr_5000_series
21.12.21
CNA
ciscoasr_5000_series
21.12.22
CNA
ciscoasr_5000_series
21.12.15
CNA
ciscoasr_5000_series
21.13.0
CNA
ciscoasr_5000_series
21.13.1
CNA
ciscoasr_5000_series
21.13.2
CNA
ciscoasr_5000_series
21.13.3
CNA
ciscoasr_5000_series
21.13.4
CNA
ciscoasr_5000_series
21.13.10
CNA
ciscoasr_5000_series
21.13.11
CNA
ciscoasr_5000_series
21.13.12
CNA
ciscoasr_5000_series
21.13.13
CNA
ciscoasr_5000_series
21.13.14
CNA
ciscoasr_5000_series
21.13.15
CNA
ciscoasr_5000_series
21.13.16
CNA
ciscoasr_5000_series
21.13.17
CNA
ciscoasr_5000_series
21.13.18
CNA
ciscoasr_5000_series
21.13.19
CNA
ciscoasr_5000_series
21.13.20
CNA
ciscoasr_5000_series
21.13.5
CNA
ciscoasr_5000_series
21.13.6
CNA
ciscoasr_5000_series
21.13.7
CNA
ciscoasr_5000_series
21.13.8
CNA
ciscoasr_5000_series
21.13.9
CNA
ciscoasr_5000_series
21.13.21
CNA
ciscoasr_5000_series
21.14.0
CNA
ciscoasr_5000_series
21.14.1
CNA
ciscoasr_5000_series
21.14.10
CNA
ciscoasr_5000_series
21.14.11
CNA
ciscoasr_5000_series
21.14.12
CNA
ciscoasr_5000_series
21.14.16
CNA
ciscoasr_5000_series
21.14.17
CNA
ciscoasr_5000_series
21.14.19
CNA
ciscoasr_5000_series
21.14.2
CNA
ciscoasr_5000_series
21.14.20
CNA
ciscoasr_5000_series
21.14.3
CNA
ciscoasr_5000_series
21.14.4
CNA
ciscoasr_5000_series
21.14.5
CNA
ciscoasr_5000_series
21.14.6
CNA
ciscoasr_5000_series
21.14.7
CNA
ciscoasr_5000_series
21.14.8
CNA
ciscoasr_5000_series
21.14.9
CNA
ciscoasr_5000_series
21.14.b12
CNA
ciscoasr_5000_series
21.14.b13
CNA
ciscoasr_5000_series
21.14.b14
CNA
ciscoasr_5000_series
21.14.b15
CNA
ciscoasr_5000_series
21.14.b17
CNA
ciscoasr_5000_series
21.14.b18
CNA
ciscoasr_5000_series
21.14.b19
CNA
ciscoasr_5000_series
21.14.b20
CNA
ciscoasr_5000_series
21.14.b21
CNA
ciscoasr_5000_series
21.14.22
CNA
ciscoasr_5000_series
21.14.b22
CNA
ciscoasr_5000_series
21.14.23
CNA
ciscoasr_5000_series
21.15.0
CNA
ciscoasr_5000_series
21.15.1
CNA
ciscoasr_5000_series
21.15.10
CNA
ciscoasr_5000_series
21.15.11
CNA
ciscoasr_5000_series
21.15.12
CNA
ciscoasr_5000_series
21.15.13
CNA
ciscoasr_5000_series
21.15.14
CNA
ciscoasr_5000_series
21.15.15
CNA
ciscoasr_5000_series
21.15.16
CNA
ciscoasr_5000_series
21.15.17
CNA
ciscoasr_5000_series
21.15.18
CNA
ciscoasr_5000_series
21.15.19
CNA
ciscoasr_5000_series
21.15.2
CNA
ciscoasr_5000_series
21.15.20
CNA
ciscoasr_5000_series
21.15.21
CNA
ciscoasr_5000_series
21.15.22
CNA
ciscoasr_5000_series
21.15.24
CNA
ciscoasr_5000_series
21.15.25
CNA
ciscoasr_5000_series
21.15.26
CNA
ciscoasr_5000_series
21.15.27
CNA
ciscoasr_5000_series
21.15.28
CNA
ciscoasr_5000_series
21.15.29
CNA
ciscoasr_5000_series
21.15.3
CNA
ciscoasr_5000_series
21.15.30
CNA
ciscoasr_5000_series
21.15.32
CNA
ciscoasr_5000_series
21.15.33
CNA
ciscoasr_5000_series
21.15.36
CNA
ciscoasr_5000_series
21.15.37
CNA
ciscoasr_5000_series
21.15.39
CNA
ciscoasr_5000_series
21.15.4
CNA
ciscoasr_5000_series
21.15.40
CNA
ciscoasr_5000_series
21.15.41
CNA
ciscoasr_5000_series
21.15.5
CNA
ciscoasr_5000_series
21.15.6
CNA
ciscoasr_5000_series
21.15.7
CNA
ciscoasr_5000_series
21.15.8
CNA
ciscoasr_5000_series
21.15.43
CNA
ciscoasr_5000_series
21.15.45
CNA
ciscoasr_5000_series
21.15.46
CNA
ciscoasr_5000_series
21.15.47
CNA
ciscoasr_5000_series
21.15.48
CNA
ciscoasr_5000_series
21.15.51
CNA
ciscoasr_5000_series
21.15.52
CNA
ciscoasr_5000_series
21.15.53
CNA
ciscoasr_5000_series
21.15.54
CNA
ciscoasr_5000_series
21.15.55
CNA
ciscoasr_5000_series
21.15.57
CNA
ciscoasr_5000_series
21.15.58
CNA
ciscoasr_5000_series
21.15.59
CNA
ciscoasr_5000_series
21.15.60
CNA
ciscoasr_5000_series
21.16.2
CNA
ciscoasr_5000_series
21.16.3
CNA
ciscoasr_5000_series
21.16.4
CNA
ciscoasr_5000_series
21.16.5
CNA
ciscoasr_5000_series
21.16.c10
CNA
ciscoasr_5000_series
21.16.c11
CNA
ciscoasr_5000_series
21.16.c12
CNA
ciscoasr_5000_series
21.16.c13
CNA
ciscoasr_5000_series
21.16.c9
CNA
ciscoasr_5000_series
21.16.d0
CNA
ciscoasr_5000_series
21.16.d1
CNA
ciscoasr_5000_series
21.16.6
CNA
ciscoasr_5000_series
21.16.c14
CNA
ciscoasr_5000_series
21.16.7
CNA
ciscoasr_5000_series
21.16.c15
CNA
ciscoasr_5000_series
21.16.8
CNA
ciscoasr_5000_series
21.16.c16
CNA
ciscoasr_5000_series
21.16.10
CNA
ciscoasr_5000_series
21.16.9
CNA
ciscoasr_5000_series
21.16.c17
CNA
ciscoasr_5000_series
21.16.c18
CNA
ciscoasr_5000_series
21.16.c19
CNA
ciscoasr_5000_series
21.17.0
CNA
ciscoasr_5000_series
21.17.1
CNA
ciscoasr_5000_series
21.17.2
CNA
ciscoasr_5000_series
21.17.3
CNA
ciscoasr_5000_series
21.17.4
CNA
ciscoasr_5000_series
21.17.5
CNA
ciscoasr_5000_series
21.17.6
CNA
ciscoasr_5000_series
21.17.7
CNA
ciscoasr_5000_series
21.17.8
CNA
ciscoasr_5000_series
21.17.10
CNA
ciscoasr_5000_series
21.17.11
CNA
ciscoasr_5000_series
21.17.9
CNA
ciscoasr_5000_series
21.17.12
CNA
ciscoasr_5000_series
21.17.13
CNA
ciscoasr_5000_series
21.17.14
CNA
ciscoasr_5000_series
21.17.15
CNA
ciscoasr_5000_series
21.17.16
CNA
ciscoasr_5000_series
21.17.17
CNA
ciscoasr_5000_series
21.17.18
CNA
ciscoasr_5000_series
21.17.19
CNA
ciscoasr_5000_series
21.18.0
CNA
ciscoasr_5000_series
21.18.1
CNA
ciscoasr_5000_series
21.18.2
CNA
ciscoasr_5000_series
21.18.3
CNA
ciscoasr_5000_series
21.18.4
CNA
ciscoasr_5000_series
21.18.5
CNA
ciscoasr_5000_series
21.18.11
CNA
ciscoasr_5000_series
21.18.6
CNA
ciscoasr_5000_series
21.18.7
CNA
ciscoasr_5000_series
21.18.8
CNA
ciscoasr_5000_series
21.18.9
CNA
ciscoasr_5000_series
21.18.12
CNA
ciscoasr_5000_series
21.18.13
CNA
ciscoasr_5000_series
21.18.14
CNA
ciscoasr_5000_series
21.18.15
CNA
ciscoasr_5000_series
21.18.16
CNA
ciscoasr_5000_series
21.18.17
CNA
ciscoasr_5000_series
21.18.18
CNA
ciscoasr_5000_series
21.18.19
CNA
ciscoasr_5000_series
21.18.20
CNA
ciscoasr_5000_series
21.18.21
CNA
ciscoasr_5000_series
21.18.22
CNA
ciscoasr_5000_series
21.18.23
CNA
ciscoasr_5000_series
21.18.24
CNA
ciscoasr_5000_series
21.18.25
CNA
ciscoasr_5000_series
21.18.26
CNA
ciscoasr_5000_series
21.19.0
CNA
ciscoasr_5000_series
21.19.1
CNA
ciscoasr_5000_series
21.19.2
CNA
ciscoasr_5000_series
21.19.3
CNA
ciscoasr_5000_series
21.19.n2
CNA
ciscoasr_5000_series
21.19.4
CNA
ciscoasr_5000_series
21.19.5
CNA
ciscoasr_5000_series
21.19.n3
CNA
ciscoasr_5000_series
21.19.n4
CNA
ciscoasr_5000_series
21.19.6
CNA
ciscoasr_5000_series
21.19.7
CNA
ciscoasr_5000_series
21.19.8
CNA
ciscoasr_5000_series
21.19.n5
CNA
ciscoasr_5000_series
21.19.10
CNA
ciscoasr_5000_series
21.19.9
CNA
ciscoasr_5000_series
21.19.n6
CNA
ciscoasr_5000_series
21.19.n7
CNA
ciscoasr_5000_series
21.19.n8
CNA
ciscoasr_5000_series
21.19.11
CNA
ciscoasr_5000_series
21.19.n10
CNA
ciscoasr_5000_series
21.19.n11
CNA
ciscoasr_5000_series
21.19.n12
CNA
ciscoasr_5000_series
21.19.n13
CNA
ciscoasr_5000_series
21.19.n14
CNA
ciscoasr_5000_series
21.19.n15
CNA
ciscoasr_5000_series
21.19.n16
CNA
ciscoasr_5000_series
21.19.n9
CNA
ciscoasr_5000_series
21.19.n17
CNA
ciscoasr_5000_series
21.19.n18
CNA
ciscoasr_5000_series
21.20.0
CNA
ciscoasr_5000_series
21.20.1
CNA
ciscoasr_5000_series
21.20.2
CNA
ciscoasr_5000_series
21.20.3
CNA
ciscoasr_5000_series
21.20.4
CNA
ciscoasr_5000_series
21.20.5
CNA
ciscoasr_5000_series
21.20.6
CNA
ciscoasr_5000_series
21.20.7
CNA
ciscoasr_5000_series
21.20.8
CNA
ciscoasr_5000_series
21.20.9
CNA
ciscoasr_5000_series
21.20.k6
CNA
ciscoasr_5000_series
21.20.10
CNA
ciscoasr_5000_series
21.20.11
CNA
ciscoasr_5000_series
21.20.k7
CNA
ciscoasr_5000_series
21.20.u8
CNA
ciscoasr_5000_series
21.20.12
CNA
ciscoasr_5000_series
21.20.13
CNA
ciscoasr_5000_series
21.20.14
CNA
ciscoasr_5000_series
21.20.k8
CNA
ciscoasr_5000_series
21.20.p9
CNA
ciscoasr_5000_series
21.20.15
CNA
ciscoasr_5000_series
21.20.16
CNA
ciscoasr_5000_series
21.20.17
CNA
ciscoasr_5000_series
21.20.18
CNA
ciscoasr_5000_series
21.20.19
CNA
ciscoasr_5000_series
21.20.20
CNA
ciscoasr_5000_series
21.20.21
CNA
ciscoasr_5000_series
21.20.22
CNA
ciscoasr_5000_series
21.20.23
CNA
ciscoasr_5000_series
21.20.24
CNA
ciscoasr_5000_series
21.20.25
CNA
ciscoasr_5000_series
21.20.26
CNA
ciscoasr_5000_series
21.20.28
CNA
ciscoasr_5000_series
21.20.29
CNA
ciscoasr_5000_series
21.20.30
CNA
ciscoasr_5000_series
21.20.c22
CNA
ciscoasr_5000_series
21.20.31
CNA
ciscoasr_5000_series
21.20.32
CNA
ciscoasr_5000_series
21.20.33
CNA
ciscoasr_5000_series
21.20.34
CNA
ciscoasr_5000_series
21.20.35
CNA
ciscoasr_5000_series
21.20.27
CNA
ciscoasr_5000_series
21.21.0
CNA
ciscoasr_5000_series
21.21.1
CNA
ciscoasr_5000_series
21.21.2
CNA
ciscoasr_5000_series
21.21.3
CNA
ciscoasr_5000_series
21.22.0
CNA
ciscoasr_5000_series
21.22.n2
CNA
ciscoasr_5000_series
21.22.n3
CNA
ciscoasr_5000_series
21.22.3
CNA
ciscoasr_5000_series
21.22.4
CNA
ciscoasr_5000_series
21.22.5
CNA
ciscoasr_5000_series
21.22.11
CNA
ciscoasr_5000_series
21.22.6
CNA
ciscoasr_5000_series
21.22.7
CNA
ciscoasr_5000_series
21.22.8
CNA
ciscoasr_5000_series
21.22.n4
CNA
ciscoasr_5000_series
21.22.n5
CNA
ciscoasr_5000_series
21.22.12
CNA
ciscoasr_5000_series
21.22.13
CNA
ciscoasr_5000_series
21.22.n10
CNA
ciscoasr_5000_series
21.22.n11
CNA
ciscoasr_5000_series
21.22.n12
CNA
ciscoasr_5000_series
21.22.n6
CNA
ciscoasr_5000_series
21.22.n7
CNA
ciscoasr_5000_series
21.22.n8
CNA
ciscoasr_5000_series
21.22.n9
CNA
ciscoasr_5000_series
21.22.n13
CNA
ciscoasr_5000_series
21.23.0
CNA
ciscoasr_5000_series
21.23.1
CNA
ciscoasr_5000_series
21.23.10
CNA
ciscoasr_5000_series
21.23.11
CNA
ciscoasr_5000_series
21.23.12
CNA
ciscoasr_5000_series
21.23.13
CNA
ciscoasr_5000_series
21.23.14
CNA
ciscoasr_5000_series
21.23.15
CNA
ciscoasr_5000_series
21.23.16
CNA
ciscoasr_5000_series
21.23.17
CNA
ciscoasr_5000_series
21.23.2
CNA
ciscoasr_5000_series
21.23.3
CNA
ciscoasr_5000_series
21.23.4
CNA
ciscoasr_5000_series
21.23.5
CNA
ciscoasr_5000_series
21.23.6
CNA
ciscoasr_5000_series
21.23.7
CNA
ciscoasr_5000_series
21.23.8
CNA
ciscoasr_5000_series
21.23.9
CNA
ciscoasr_5000_series
21.23.b2
CNA
ciscoasr_5000_series
21.23.b3
CNA
ciscoasr_5000_series
21.23.c16
CNA
ciscoasr_5000_series
21.23.c17
CNA
ciscoasr_5000_series
21.23.n6
CNA
ciscoasr_5000_series
21.23.n7
CNA
ciscoasr_5000_series
21.23.n9
CNA
ciscoasr_5000_series
21.23.18
CNA
ciscoasr_5000_series
21.23.19
CNA
ciscoasr_5000_series
21.23.21
CNA
ciscoasr_5000_series
21.23.22
CNA
ciscoasr_5000_series
21.23.23
CNA
ciscoasr_5000_series
21.23.24
CNA
ciscoasr_5000_series
21.23.25
CNA
ciscoasr_5000_series
21.23.26
CNA
ciscoasr_5000_series
21.23.27
CNA
ciscoasr_5000_series
21.23.29
CNA
ciscoasr_5000_series
21.23.30
CNA
ciscoasr_5000_series
21.23.c18
CNA
ciscoasr_5000_series
21.23.n10
CNA
ciscoasr_5000_series
21.23.n11
CNA
ciscoasr_5000_series
21.23.n8
CNA
ciscoasr_5000_series
21.24.0
CNA
ciscoasr_5000_series
21.24.1
CNA
ciscoasr_5000_series
21.24.2
CNA
ciscoasr_5000_series
21.24.3
CNA
ciscoasr_5000_series
21.25.0
CNA
ciscoasr_5000_series
21.25.3
CNA
ciscoasr_5000_series
21.25.4
CNA
ciscoasr_5000_series
21.25.5
CNA
ciscoasr_5000_series
21.25.10
CNA
ciscoasr_5000_series
21.25.11
CNA
ciscoasr_5000_series
21.25.12
CNA
ciscoasr_5000_series
21.25.13
CNA
ciscoasr_5000_series
21.25.14
CNA
ciscoasr_5000_series
21.25.6
CNA
ciscoasr_5000_series
21.25.7
CNA
ciscoasr_5000_series
21.25.8
CNA
ciscoasr_5000_series
21.25.9
CNA
ciscoasr_5000_series
21.26.0
CNA
ciscoasr_5000_series
21.26.1
CNA
ciscoasr_5000_series
21.26.10
CNA
ciscoasr_5000_series
21.26.13
CNA
ciscoasr_5000_series
21.26.14
CNA
ciscoasr_5000_series
21.26.15
CNA
ciscoasr_5000_series
21.26.3
CNA
ciscoasr_5000_series
21.26.5
CNA
ciscoasr_5000_series
21.26.6
CNA
ciscoasr_5000_series
21.26.7
CNA
ciscoasr_5000_series
21.26.17
CNA
ciscoasr_5000_series
21.27.0
CNA
ciscoasr_5000_series
21.27.1
CNA
ciscoasr_5000_series
21.27.2
CNA
ciscoasr_5000_series
21.27.3
CNA
ciscoasr_5000_series
21.27.4
CNA
ciscoasr_5000_series
21.27.5
CNA
ciscoasr_5000_series
21.27.m0
CNA
ciscoasr_5000_series
21.28.0
CNA
ciscoasr_5000_series
21.28.1
CNA
ciscoasr_5000_series
21.28.2
CNA
ciscoasr_5000_series
21.28.m0
CNA
ciscoasr_5000_series
21.28.m1
CNA
ciscoasr_5000_series
21.28.m2
CNA
ciscoasr_5000_series
21.28.m3
CNA
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h