Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20015

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.

Published

2023-02-23T20:15:13.333

Last Modified

2024-11-21T07:40:20.853

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.0 (MEDIUM)

Weaknesses

Type: Secondary
CWE-78
Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6536_firmware	-	Yes
Hardware	cisco	ucs_6536	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_64108_firmware	-	Yes
Hardware	cisco	ucs_64108	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6454_firmware	-	Yes
Hardware	cisco	ucs_6454	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6200_firmware	-	Yes
Hardware	cisco	ucs_6200	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6248up_firmware	-	Yes
Hardware	cisco	ucs_6248up	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6296up_firmware	-	Yes
Hardware	cisco	ucs_6296up	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6300_firmware	-	Yes
Hardware	cisco	ucs_6300	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6324_firmware	-	Yes
Hardware	cisco	ucs_6324	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6332_firmware	-	Yes
Hardware	cisco	ucs_6332	-	No
Application	cisco	ucs_central_software	< 4.0\(4o\)	Yes
Application	cisco	ucs_central_software	< 4.1\(3k\)	Yes
Application	cisco	ucs_central_software	< 4.2\(2d\)	Yes
Operating System	cisco	ucs_6332-16up_firmware	-	Yes
Hardware	cisco	ucs_6332-16up	-	No
Operating System	cisco	firepower_extensible_operating_system	-	Yes
Hardware	cisco	firepower_4100	-	No
Hardware	cisco	firepower_4110	-	No
Hardware	cisco	firepower_4112	-	No
Hardware	cisco	firepower_4115	-	No
Hardware	cisco	firepower_4120	-	No
Hardware	cisco	firepower_4125	-	No
Hardware	cisco	firepower_4140	-	No
Hardware	cisco	firepower_4145	-	No
Hardware	cisco	firepower_4150	-	No
Hardware	cisco	firepower_9300_sm-24	-	No
Hardware	cisco	firepower_9300_sm-36	-	No
Hardware	cisco	firepower_9300_sm-40	-	No
Hardware	cisco	firepower_9300_sm-44	-	No
Hardware	cisco	firepower_9300_sm-44_x_3	-	No
Hardware	cisco	firepower_9300_sm-48	-	No
Hardware	cisco	firepower_9300_sm-56	-	No
Hardware	cisco	firepower_9300_sm-56_x_3	-	No

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)