cnvd - cnvd-2023-93331

cnvd-2023-93331

Vulnerability from cnvd

Title: Cisco SD-WAN vManage存在访问控制错误漏洞

Description:

Cisco SD-WAN vManage是美国思科（Cisco）公司的一个高度可定制的仪表板。可简化和自动化Cisco SD-WAN的部署、配置、管理和操作。

Cisco SD-WAN vManage存在访问控制错误漏洞，该漏洞源于管理界面中的CLI上的访问控制执行不当，经过身份验证的本地攻击者可利用该漏洞绕过授权，回滚vManage控制器和边缘路由器设备上的配置。

Severity: 中

Patch Name: Cisco SD-WAN vManage存在访问控制错误漏洞的补丁

Patch Description:

Cisco SD-WAN vManage是美国思科（Cisco）公司的一个高度可定制的仪表板。可简化和自动化Cisco SD-WAN的部署、配置、管理和操作。

Cisco SD-WAN vManage存在访问控制错误漏洞，该漏洞源于管理界面中的CLI上的访问控制执行不当，经过身份验证的本地攻击者可利用该漏洞绕过授权，回滚vManage控制器和边缘路由器设备上的配置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-20253

Impacted products

Name
['Cisco Catalyst SD-WAN Manager 20.9', 'Cisco Catalyst SD-WAN Manager 20.11', 'Cisco Catalyst SD-WAN Manager 20.7', 'Cisco Catalyst SD-WAN Manager 20.8', 'Cisco SD-WAN vManage <20.6.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-20253",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-20253"
    }
  },
  "description": "Cisco SD-WAN vManage\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u9ad8\u5ea6\u53ef\u5b9a\u5236\u7684\u4eea\u8868\u677f\u3002\u53ef\u7b80\u5316\u548c\u81ea\u52a8\u5316Cisco SD-WAN\u7684\u90e8\u7f72\u3001\u914d\u7f6e\u3001\u7ba1\u7406\u548c\u64cd\u4f5c\u3002\n\nCisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ba1\u7406\u754c\u9762\u4e2d\u7684CLI\u4e0a\u7684\u8bbf\u95ee\u63a7\u5236\u6267\u884c\u4e0d\u5f53\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6388\u6743\uff0c\u56de\u6edavManage\u63a7\u5236\u5668\u548c\u8fb9\u7f18\u8def\u7531\u5668\u8bbe\u5907\u4e0a\u7684\u914d\u7f6e\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-93331",
  "openTime": "2023-11-28",
  "patchDescription": "Cisco SD-WAN vManage\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u9ad8\u5ea6\u53ef\u5b9a\u5236\u7684\u4eea\u8868\u677f\u3002\u53ef\u7b80\u5316\u548c\u81ea\u52a8\u5316Cisco SD-WAN\u7684\u90e8\u7f72\u3001\u914d\u7f6e\u3001\u7ba1\u7406\u548c\u64cd\u4f5c\u3002\r\n\r\nCisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ba1\u7406\u754c\u9762\u4e2d\u7684CLI\u4e0a\u7684\u8bbf\u95ee\u63a7\u5236\u6267\u884c\u4e0d\u5f53\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u6388\u6743\uff0c\u56de\u6edavManage\u63a7\u5236\u5668\u548c\u8fb9\u7f18\u8def\u7531\u5668\u8bbe\u5907\u4e0a\u7684\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Catalyst SD-WAN Manager 20.9",
      "Cisco Catalyst SD-WAN Manager 20.11",
      "Cisco Catalyst SD-WAN Manager 20.7",
      "Cisco Catalyst SD-WAN Manager 20.8",
      "Cisco SD-WAN vManage \u003c20.6.2"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2023-20253",
  "serverity": "\u4e2d",
  "submitTime": "2023-10-07",
  "title": "Cisco SD-WAN vManage\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2023-20253 (GCVE-0-2023-20253)

Vulnerability from cvelistv5

Published

2023-09-27 17:12

Modified

2024-08-02 09:05

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-286 - Incorrect User Management

Summary

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device. This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.

References

▼	URL	Tags
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

Impacted products

	Vendor	Product	Version
	Cisco	Cisco SD-WAN vManage	Version: 17.2.6 Version: 17.2.7 Version: 17.2.8 Version: 17.2.9 Version: 17.2.10 Version: 17.2.4 Version: 17.2.5 Version: 18.3.1.1 Version: 18.3.3.1 Version: 18.3.3 Version: 18.3.4 Version: 18.3.5 Version: 18.3.7 Version: 18.3.8 Version: 18.3.6.1 Version: 18.3.1 Version: 18.3.0 Version: 18.4.0.1 Version: 18.4.3 Version: 18.4.302 Version: 18.4.303 Version: 18.4.4 Version: 18.4.5 Version: 18.4.0 Version: 18.4.1 Version: 18.4.6 Version: 19.2.0 Version: 19.2.097 Version: 19.2.099 Version: 19.2.1 Version: 19.2.2 Version: 19.2.3 Version: 19.2.31 Version: 19.2.929 Version: 19.2.4 Version: 20.1.1.1 Version: 20.1.12 Version: 20.1.1 Version: 20.1.2 Version: 20.1.3 Version: 19.3.0 Version: 19.1.0 Version: 18.2.0 Version: 20.3.1 Version: 20.3.2 Version: 20.3.2.1 Version: 20.3.3 Version: 20.3.3.1 Version: 20.3.4 Version: 20.3.4.1 Version: 20.3.4.2 Version: 20.3.5 Version: 20.3.6 Version: 20.3.7 Version: 20.3.7.1 Version: 20.3.4.3 Version: 20.3.5.1 Version: 20.3.7.2 Version: 20.4.1 Version: 20.4.1.1 Version: 20.4.1.2 Version: 20.4.2 Version: 20.4.2.2 Version: 20.4.2.1 Version: 20.4.2.3 Version: 20.5.1 Version: 20.5.1.2 Version: 20.5.1.1 Version: 20.6.1 Version: 20.6.1.1 Version: 20.6.1.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.890Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-sdwan-vman-sc-LRLfu2z",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco SD-WAN vManage",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "17.2.6"
            },
            {
              "status": "affected",
              "version": "17.2.7"
            },
            {
              "status": "affected",
              "version": "17.2.8"
            },
            {
              "status": "affected",
              "version": "17.2.9"
            },
            {
              "status": "affected",
              "version": "17.2.10"
            },
            {
              "status": "affected",
              "version": "17.2.4"
            },
            {
              "status": "affected",
              "version": "17.2.5"
            },
            {
              "status": "affected",
              "version": "18.3.1.1"
            },
            {
              "status": "affected",
              "version": "18.3.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.3"
            },
            {
              "status": "affected",
              "version": "18.3.4"
            },
            {
              "status": "affected",
              "version": "18.3.5"
            },
            {
              "status": "affected",
              "version": "18.3.7"
            },
            {
              "status": "affected",
              "version": "18.3.8"
            },
            {
              "status": "affected",
              "version": "18.3.6.1"
            },
            {
              "status": "affected",
              "version": "18.3.1"
            },
            {
              "status": "affected",
              "version": "18.3.0"
            },
            {
              "status": "affected",
              "version": "18.4.0.1"
            },
            {
              "status": "affected",
              "version": "18.4.3"
            },
            {
              "status": "affected",
              "version": "18.4.302"
            },
            {
              "status": "affected",
              "version": "18.4.303"
            },
            {
              "status": "affected",
              "version": "18.4.4"
            },
            {
              "status": "affected",
              "version": "18.4.5"
            },
            {
              "status": "affected",
              "version": "18.4.0"
            },
            {
              "status": "affected",
              "version": "18.4.1"
            },
            {
              "status": "affected",
              "version": "18.4.6"
            },
            {
              "status": "affected",
              "version": "19.2.0"
            },
            {
              "status": "affected",
              "version": "19.2.097"
            },
            {
              "status": "affected",
              "version": "19.2.099"
            },
            {
              "status": "affected",
              "version": "19.2.1"
            },
            {
              "status": "affected",
              "version": "19.2.2"
            },
            {
              "status": "affected",
              "version": "19.2.3"
            },
            {
              "status": "affected",
              "version": "19.2.31"
            },
            {
              "status": "affected",
              "version": "19.2.929"
            },
            {
              "status": "affected",
              "version": "19.2.4"
            },
            {
              "status": "affected",
              "version": "20.1.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.12"
            },
            {
              "status": "affected",
              "version": "20.1.1"
            },
            {
              "status": "affected",
              "version": "20.1.2"
            },
            {
              "status": "affected",
              "version": "20.1.3"
            },
            {
              "status": "affected",
              "version": "19.3.0"
            },
            {
              "status": "affected",
              "version": "19.1.0"
            },
            {
              "status": "affected",
              "version": "18.2.0"
            },
            {
              "status": "affected",
              "version": "20.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.2"
            },
            {
              "status": "affected",
              "version": "20.3.2.1"
            },
            {
              "status": "affected",
              "version": "20.3.3"
            },
            {
              "status": "affected",
              "version": "20.3.3.1"
            },
            {
              "status": "affected",
              "version": "20.3.4"
            },
            {
              "status": "affected",
              "version": "20.3.4.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.2"
            },
            {
              "status": "affected",
              "version": "20.3.5"
            },
            {
              "status": "affected",
              "version": "20.3.6"
            },
            {
              "status": "affected",
              "version": "20.3.7"
            },
            {
              "status": "affected",
              "version": "20.3.7.1"
            },
            {
              "status": "affected",
              "version": "20.3.4.3"
            },
            {
              "status": "affected",
              "version": "20.3.5.1"
            },
            {
              "status": "affected",
              "version": "20.3.7.2"
            },
            {
              "status": "affected",
              "version": "20.4.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.1"
            },
            {
              "status": "affected",
              "version": "20.4.1.2"
            },
            {
              "status": "affected",
              "version": "20.4.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.2"
            },
            {
              "status": "affected",
              "version": "20.4.2.1"
            },
            {
              "status": "affected",
              "version": "20.4.2.3"
            },
            {
              "status": "affected",
              "version": "20.5.1"
            },
            {
              "status": "affected",
              "version": "20.5.1.2"
            },
            {
              "status": "affected",
              "version": "20.5.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.1"
            },
            {
              "status": "affected",
              "version": "20.6.1.1"
            },
            {
              "status": "affected",
              "version": "20.6.1.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-286",
              "description": "Incorrect User Management",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:58:32.708Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-sdwan-vman-sc-LRLfu2z",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z"
        }
      ],
      "source": {
        "advisory": "cisco-sa-sdwan-vman-sc-LRLfu2z",
        "defects": [
          "CSCvz62234"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20253",
    "datePublished": "2023-09-27T17:12:04.474Z",
    "dateReserved": "2022-10-27T18:47:50.372Z",
    "dateUpdated": "2024-08-02T09:05:35.890Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted