Details of VAR-202302-0213

ID

VAR-202302-0213

CVE

CVE-2023-20076

TITLE

on multiple Cisco Systems products. OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-004067

DESCRIPTION

A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system. Cisco IC3000 industrial computing gateway firmware, Cisco IOx , Cisco IOS XE Several Cisco Systems products include OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Iox is a secure development environment of Cisco (Cisco), which combines Cisco IOS and Linux OS for secure network connection and development of IOT applications. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL

Trust: 2.34

sources: NVD: CVE-2023-20076 // JVNDB: JVNDB-2023-004067 // CNNVD: CNNVD-202302-157 // VULHUB: VHN-444868 // VULMON: CVE-2023-20076

AFFECTED PRODUCTS

vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	ic3000 industrial compute gateway	scope:	lt	version:	1.4.2	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	lt	version:	15.9\(3\)	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	17.6.5	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	gte	version:	17.9.0	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6b	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m1	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m5	Trust: 1.0
vendor:	cisco	model:	cgr1000	scope:	lt	version:	1.16.0.1	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	cgr1240	scope:	lt	version:	1.16.0.1	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	lt	version:	15.9\(3\)	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m3	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	iox	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	ir510 wpan	scope:	lt	version:	1.10.0.1	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	17.9.2	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	lt	version:	15.9\(3\)	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6a	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m1	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m5	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2a	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m2	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m6b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.10.0	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m1	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m4a	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	eq	version:	15.9\(3\)m3	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	eq	version:	15.9\(3\)m5	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco 1240 connected grid ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ic3000 産業用コンピューティングゲートウェイ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 1000 シリーズ connected grid ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 829 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ir510 wpan	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 807 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 809 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco iox	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-004067 // NVD: CVE-2023-20076

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2023-20076
value:	HIGH
Trust: 1.8
ykramarz@cisco.com:	CVE-2023-20076
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202302-157
value:	HIGH
Trust: 0.6

NVD:
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2023-20076
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-004067 // NVD: CVE-2023-20076 // NVD: CVE-2023-20076 // CNNVD: CNNVD-202302-157

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.1
problemtype:	OS Command injection (CWE-78) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-444868 // JVNDB: JVNDB-2023-004067 // NVD: CVE-2023-20076

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202302-157

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202302-157

CONFIGURATIONS

sources: NVD: CVE-2023-20076

PATCH

title:	cisco-sa-iox-8whGn5dL	url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iox-8whgn5dl	Trust: 0.8
title:	Cisco Iox Fixes for operating system command injection vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqbyid.tag?id=226416	Trust: 0.6
title:	Cisco: Cisco IOx Application Hosting Environment Command Injection Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-iox-8whgn5dl	Trust: 0.1

sources: VULMON: CVE-2023-20076 // JVNDB: JVNDB-2023-004067 // CNNVD: CNNVD-202302-157

EXTERNAL IDS

db:	NVD	id:	CVE-2023-20076	Trust: 3.4
db:	JVNDB	id:	JVNDB-2023-004067	Trust: 0.8
db:	AUSCERT	id:	ESB-2023.0608	Trust: 0.6
db:	CNNVD	id:	CNNVD-202302-157	Trust: 0.6
db:	VULHUB	id:	VHN-444868	Trust: 0.1
db:	VULMON	id:	CVE-2023-20076	Trust: 0.1

sources: VULHUB: VHN-444868 // VULMON: CVE-2023-20076 // JVNDB: JVNDB-2023-004067 // NVD: CVE-2023-20076 // CNNVD: CNNVD-202302-157

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iox-8whgn5dl	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-20076	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-20076/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.0608	Trust: 0.6

sources: VULHUB: VHN-444868 // VULMON: CVE-2023-20076 // JVNDB: JVNDB-2023-004067 // NVD: CVE-2023-20076 // CNNVD: CNNVD-202302-157

SOURCES

db:	VULHUB	id:	VHN-444868
db:	VULMON	id:	CVE-2023-20076
db:	JVNDB	id:	JVNDB-2023-004067
db:	NVD	id:	CVE-2023-20076
db:	CNNVD	id:	CNNVD-202302-157

LAST UPDATE DATE

2023-12-18T13:11:36.407000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-444868	date:	2023-02-22T00:00:00
db:	JVNDB	id:	JVNDB-2023-004067	date:	2023-10-26T01:29:00
db:	NVD	id:	CVE-2023-20076	date:	2023-11-07T04:05:57.277
db:	CNNVD	id:	CNNVD-202302-157	date:	2023-02-23T00:00:00

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-444868	date:	2023-02-12T00:00:00
db:	JVNDB	id:	JVNDB-2023-004067	date:	2023-10-26T00:00:00
db:	NVD	id:	CVE-2023-20076	date:	2023-02-12T04:15:19.287
db:	CNNVD	id:	CNNVD-202302-157	date:	2023-02-02T00:00:00