Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

Published

2023-08-23T19:15:08.277

Last Modified

2024-11-21T07:40:57.383

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-73
Type: Primary
CWE-732

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	firepower_extensible_operating_system	-	Yes
Hardware	cisco	firepower_1000	-	No
Hardware	cisco	firepower_1010	-	No
Hardware	cisco	firepower_1020	-	No
Hardware	cisco	firepower_1030	-	No
Hardware	cisco	firepower_1040	-	No
Hardware	cisco	firepower_2100	-	No
Hardware	cisco	firepower_2110	-	No
Hardware	cisco	firepower_2120	-	No
Hardware	cisco	firepower_2130	-	No
Hardware	cisco	firepower_2140	-	No
Hardware	cisco	firepower_4100	-	No
Hardware	cisco	firepower_4110	-	No
Hardware	cisco	firepower_4110_next-generation_firewall	-	No
Hardware	cisco	firepower_4112	-	No
Hardware	cisco	firepower_4115	-	No
Hardware	cisco	firepower_4120	-	No
Hardware	cisco	firepower_4120_next-generation_firewall	-	No
Hardware	cisco	firepower_4125	-	No
Hardware	cisco	firepower_4140	-	No
Hardware	cisco	firepower_4140_next-generation_firewall	-	No
Hardware	cisco	firepower_4145	-	No
Hardware	cisco	firepower_4150	-	No
Hardware	cisco	firepower_4150_next-generation_firewall	-	No
Hardware	cisco	firepower_9300	-	No
Hardware	cisco	firepower_9300_security_appliance	-	No
Hardware	cisco	firepower_9300_sm-24	-	No
Hardware	cisco	firepower_9300_sm-36	-	No
Hardware	cisco	firepower_9300_sm-40	-	No
Hardware	cisco	firepower_9300_sm-44	-	No
Hardware	cisco	firepower_9300_sm-44_x_3	-	No
Hardware	cisco	firepower_9300_sm-48	-	No
Hardware	cisco	firepower_9300_sm-56	-	No
Hardware	cisco	firepower_9300_sm-56_x_3	-	No
Hardware	cisco	firepower_9300_with_1_sm-24_module	-	No
Hardware	cisco	firepower_9300_with_1_sm-36_module	-	No
Hardware	cisco	firepower_9300_with_1_sm-44_module	-	No
Hardware	cisco	firepower_9300_with_3_sm-44_module	-	No
Hardware	cisco	secure_firewall_3105	-	No
Hardware	cisco	secure_firewall_3110	-	No
Hardware	cisco	secure_firewall_3120	-	No
Hardware	cisco	secure_firewall_3130	-	No
Hardware	cisco	secure_firewall_3140	-	No

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)