CVE-2023-20076

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
OS Command Injection
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | NIST | 7.2 HIGH | NETWORK | LOW | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| cisco | CNA | 7.2 HIGH | NETWORK | LOW | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| CVE | ADP | --- | | | | --- |
| CISA-ADP | ADP | --- | | | | --- |
EPSS Score: Percentile: 66%
| Vendor | Product | Version |
|---|---|---|
| cisco | ic3000_industrial_compute_gateway | 𝑥 < 1.4.2 |
| cisco | iox | - |
| cisco | ios_xe | 𝑥 < 17.6.5 |
| cisco | ios_xe | 17.9.0 ≤ 𝑥 < 17.9.2 |
| cisco | ios_xe | 17.10.0 |
| cisco | cgr1240_firmware | 𝑥 < 1.16.0.1 |
| cisco | cgr1000_firmware | 𝑥 < 1.16.0.1 |
| cisco | ir510_wpan_firmware | 𝑥 < 1.10.0.1 |
| cisco | 829_industrial_integrated_services_router_firmware | 𝑥 < 15.9(3) |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m1 |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m2 |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m2a |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m3 |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m4 |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m4a |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m5 |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m6a |
| cisco | 829_industrial_integrated_services_router_firmware | 15.9(3)m6b |
| cisco | 807_industrial_integrated_services_router_firmware | 𝑥 < 15.9(3) |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m1 |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m2 |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m2a |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m3 |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m4 |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m4a |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m5 |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m6a |
| cisco | 807_industrial_integrated_services_router_firmware | 15.9(3)m6b |
| cisco | 809_industrial_integrated_services_router_firmware | 𝑥 < 15.9(3) |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m1 |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m2 |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m2a |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m3 |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m4 |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m4a |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m5 |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m6a |
| cisco | 809_industrial_integrated_services_router_firmware | 15.9(3)m6b |

𝑥 = Vulnerable software versions