gsd-2023-20046
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.
There are workarounds that address this vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-20046",
"id": "GSD-2023-20046"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-20046"
],
"details": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r There are workarounds that address this vulnerability.",
"id": "GSD-2023-20046",
"modified": "2023-12-13T01:20:29.232345Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2023-20046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASR 5000 Series Software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "21.11.0"
},
{
"version_affected": "=",
"version_value": "21.11.1"
},
{
"version_affected": "=",
"version_value": "21.11.2"
},
{
"version_affected": "=",
"version_value": "21.11.3"
},
{
"version_affected": "=",
"version_value": "21.11.10"
},
{
"version_affected": "=",
"version_value": "21.11.11"
},
{
"version_affected": "=",
"version_value": "21.11.12"
},
{
"version_affected": "=",
"version_value": "21.11.13"
},
{
"version_affected": "=",
"version_value": "21.11.14"
},
{
"version_affected": "=",
"version_value": "21.11.4"
},
{
"version_affected": "=",
"version_value": "21.11.5"
},
{
"version_affected": "=",
"version_value": "21.11.6"
},
{
"version_affected": "=",
"version_value": "21.11.7"
},
{
"version_affected": "=",
"version_value": "21.11.8"
},
{
"version_affected": "=",
"version_value": "21.11.9"
},
{
"version_affected": "=",
"version_value": "21.11.15"
},
{
"version_affected": "=",
"version_value": "21.11.16"
},
{
"version_affected": "=",
"version_value": "21.11.17"
},
{
"version_affected": "=",
"version_value": "21.11.18"
},
{
"version_affected": "=",
"version_value": "21.11.19"
},
{
"version_affected": "=",
"version_value": "21.11.20"
},
{
"version_affected": "=",
"version_value": "21.11.21"
},
{
"version_affected": "=",
"version_value": "21.12.0"
},
{
"version_affected": "=",
"version_value": "21.12.1"
},
{
"version_affected": "=",
"version_value": "21.12.2"
},
{
"version_affected": "=",
"version_value": "21.12.3"
},
{
"version_affected": "=",
"version_value": "21.12.4"
},
{
"version_affected": "=",
"version_value": "21.12.5"
},
{
"version_affected": "=",
"version_value": "21.12.6"
},
{
"version_affected": "=",
"version_value": "21.12.10"
},
{
"version_affected": "=",
"version_value": "21.12.11"
},
{
"version_affected": "=",
"version_value": "21.12.12"
},
{
"version_affected": "=",
"version_value": "21.12.13"
},
{
"version_affected": "=",
"version_value": "21.12.14"
},
{
"version_affected": "=",
"version_value": "21.12.16"
},
{
"version_affected": "=",
"version_value": "21.12.17"
},
{
"version_affected": "=",
"version_value": "21.12.18"
},
{
"version_affected": "=",
"version_value": "21.12.7"
},
{
"version_affected": "=",
"version_value": "21.12.8"
},
{
"version_affected": "=",
"version_value": "21.12.9"
},
{
"version_affected": "=",
"version_value": "21.12.19"
},
{
"version_affected": "=",
"version_value": "21.12.20"
},
{
"version_affected": "=",
"version_value": "21.12.21"
},
{
"version_affected": "=",
"version_value": "21.12.22"
},
{
"version_affected": "=",
"version_value": "21.12.15"
},
{
"version_affected": "=",
"version_value": "21.13.0"
},
{
"version_affected": "=",
"version_value": "21.13.1"
},
{
"version_affected": "=",
"version_value": "21.13.2"
},
{
"version_affected": "=",
"version_value": "21.13.3"
},
{
"version_affected": "=",
"version_value": "21.13.4"
},
{
"version_affected": "=",
"version_value": "21.13.10"
},
{
"version_affected": "=",
"version_value": "21.13.11"
},
{
"version_affected": "=",
"version_value": "21.13.12"
},
{
"version_affected": "=",
"version_value": "21.13.13"
},
{
"version_affected": "=",
"version_value": "21.13.14"
},
{
"version_affected": "=",
"version_value": "21.13.15"
},
{
"version_affected": "=",
"version_value": "21.13.16"
},
{
"version_affected": "=",
"version_value": "21.13.17"
},
{
"version_affected": "=",
"version_value": "21.13.18"
},
{
"version_affected": "=",
"version_value": "21.13.19"
},
{
"version_affected": "=",
"version_value": "21.13.20"
},
{
"version_affected": "=",
"version_value": "21.13.5"
},
{
"version_affected": "=",
"version_value": "21.13.6"
},
{
"version_affected": "=",
"version_value": "21.13.7"
},
{
"version_affected": "=",
"version_value": "21.13.8"
},
{
"version_affected": "=",
"version_value": "21.13.9"
},
{
"version_affected": "=",
"version_value": "21.13.21"
},
{
"version_affected": "=",
"version_value": "21.14.0"
},
{
"version_affected": "=",
"version_value": "21.14.1"
},
{
"version_affected": "=",
"version_value": "21.14.10"
},
{
"version_affected": "=",
"version_value": "21.14.11"
},
{
"version_affected": "=",
"version_value": "21.14.12"
},
{
"version_affected": "=",
"version_value": "21.14.16"
},
{
"version_affected": "=",
"version_value": "21.14.17"
},
{
"version_affected": "=",
"version_value": "21.14.19"
},
{
"version_affected": "=",
"version_value": "21.14.2"
},
{
"version_affected": "=",
"version_value": "21.14.20"
},
{
"version_affected": "=",
"version_value": "21.14.3"
},
{
"version_affected": "=",
"version_value": "21.14.4"
},
{
"version_affected": "=",
"version_value": "21.14.5"
},
{
"version_affected": "=",
"version_value": "21.14.6"
},
{
"version_affected": "=",
"version_value": "21.14.7"
},
{
"version_affected": "=",
"version_value": "21.14.8"
},
{
"version_affected": "=",
"version_value": "21.14.9"
},
{
"version_affected": "=",
"version_value": "21.14.b12"
},
{
"version_affected": "=",
"version_value": "21.14.b13"
},
{
"version_affected": "=",
"version_value": "21.14.b14"
},
{
"version_affected": "=",
"version_value": "21.14.b15"
},
{
"version_affected": "=",
"version_value": "21.14.b17"
},
{
"version_affected": "=",
"version_value": "21.14.b18"
},
{
"version_affected": "=",
"version_value": "21.14.b19"
},
{
"version_affected": "=",
"version_value": "21.14.b20"
},
{
"version_affected": "=",
"version_value": "21.14.b21"
},
{
"version_affected": "=",
"version_value": "21.14.22"
},
{
"version_affected": "=",
"version_value": "21.14.b22"
},
{
"version_affected": "=",
"version_value": "21.14.23"
},
{
"version_affected": "=",
"version_value": "21.15.0"
},
{
"version_affected": "=",
"version_value": "21.15.1"
},
{
"version_affected": "=",
"version_value": "21.15.10"
},
{
"version_affected": "=",
"version_value": "21.15.11"
},
{
"version_affected": "=",
"version_value": "21.15.12"
},
{
"version_affected": "=",
"version_value": "21.15.13"
},
{
"version_affected": "=",
"version_value": "21.15.14"
},
{
"version_affected": "=",
"version_value": "21.15.15"
},
{
"version_affected": "=",
"version_value": "21.15.16"
},
{
"version_affected": "=",
"version_value": "21.15.17"
},
{
"version_affected": "=",
"version_value": "21.15.18"
},
{
"version_affected": "=",
"version_value": "21.15.19"
},
{
"version_affected": "=",
"version_value": "21.15.2"
},
{
"version_affected": "=",
"version_value": "21.15.20"
},
{
"version_affected": "=",
"version_value": "21.15.21"
},
{
"version_affected": "=",
"version_value": "21.15.22"
},
{
"version_affected": "=",
"version_value": "21.15.24"
},
{
"version_affected": "=",
"version_value": "21.15.25"
},
{
"version_affected": "=",
"version_value": "21.15.26"
},
{
"version_affected": "=",
"version_value": "21.15.27"
},
{
"version_affected": "=",
"version_value": "21.15.28"
},
{
"version_affected": "=",
"version_value": "21.15.29"
},
{
"version_affected": "=",
"version_value": "21.15.3"
},
{
"version_affected": "=",
"version_value": "21.15.30"
},
{
"version_affected": "=",
"version_value": "21.15.32"
},
{
"version_affected": "=",
"version_value": "21.15.33"
},
{
"version_affected": "=",
"version_value": "21.15.36"
},
{
"version_affected": "=",
"version_value": "21.15.37"
},
{
"version_affected": "=",
"version_value": "21.15.39"
},
{
"version_affected": "=",
"version_value": "21.15.4"
},
{
"version_affected": "=",
"version_value": "21.15.40"
},
{
"version_affected": "=",
"version_value": "21.15.41"
},
{
"version_affected": "=",
"version_value": "21.15.5"
},
{
"version_affected": "=",
"version_value": "21.15.6"
},
{
"version_affected": "=",
"version_value": "21.15.7"
},
{
"version_affected": "=",
"version_value": "21.15.8"
},
{
"version_affected": "=",
"version_value": "21.15.43"
},
{
"version_affected": "=",
"version_value": "21.15.45"
},
{
"version_affected": "=",
"version_value": "21.15.46"
},
{
"version_affected": "=",
"version_value": "21.15.47"
},
{
"version_affected": "=",
"version_value": "21.15.48"
},
{
"version_affected": "=",
"version_value": "21.15.51"
},
{
"version_affected": "=",
"version_value": "21.15.52"
},
{
"version_affected": "=",
"version_value": "21.15.53"
},
{
"version_affected": "=",
"version_value": "21.15.54"
},
{
"version_affected": "=",
"version_value": "21.15.55"
},
{
"version_affected": "=",
"version_value": "21.15.57"
},
{
"version_affected": "=",
"version_value": "21.15.58"
},
{
"version_affected": "=",
"version_value": "21.15.59"
},
{
"version_affected": "=",
"version_value": "21.15.60"
},
{
"version_affected": "=",
"version_value": "21.16.2"
},
{
"version_affected": "=",
"version_value": "21.16.3"
},
{
"version_affected": "=",
"version_value": "21.16.4"
},
{
"version_affected": "=",
"version_value": "21.16.5"
},
{
"version_affected": "=",
"version_value": "21.16.c10"
},
{
"version_affected": "=",
"version_value": "21.16.c11"
},
{
"version_affected": "=",
"version_value": "21.16.c12"
},
{
"version_affected": "=",
"version_value": "21.16.c13"
},
{
"version_affected": "=",
"version_value": "21.16.c9"
},
{
"version_affected": "=",
"version_value": "21.16.d0"
},
{
"version_affected": "=",
"version_value": "21.16.d1"
},
{
"version_affected": "=",
"version_value": "21.16.6"
},
{
"version_affected": "=",
"version_value": "21.16.c14"
},
{
"version_affected": "=",
"version_value": "21.16.7"
},
{
"version_affected": "=",
"version_value": "21.16.c15"
},
{
"version_affected": "=",
"version_value": "21.16.8"
},
{
"version_affected": "=",
"version_value": "21.16.c16"
},
{
"version_affected": "=",
"version_value": "21.16.10"
},
{
"version_affected": "=",
"version_value": "21.16.9"
},
{
"version_affected": "=",
"version_value": "21.16.c17"
},
{
"version_affected": "=",
"version_value": "21.16.c18"
},
{
"version_affected": "=",
"version_value": "21.16.c19"
},
{
"version_affected": "=",
"version_value": "21.17.0"
},
{
"version_affected": "=",
"version_value": "21.17.1"
},
{
"version_affected": "=",
"version_value": "21.17.2"
},
{
"version_affected": "=",
"version_value": "21.17.3"
},
{
"version_affected": "=",
"version_value": "21.17.4"
},
{
"version_affected": "=",
"version_value": "21.17.5"
},
{
"version_affected": "=",
"version_value": "21.17.6"
},
{
"version_affected": "=",
"version_value": "21.17.7"
},
{
"version_affected": "=",
"version_value": "21.17.8"
},
{
"version_affected": "=",
"version_value": "21.17.10"
},
{
"version_affected": "=",
"version_value": "21.17.11"
},
{
"version_affected": "=",
"version_value": "21.17.9"
},
{
"version_affected": "=",
"version_value": "21.17.12"
},
{
"version_affected": "=",
"version_value": "21.17.13"
},
{
"version_affected": "=",
"version_value": "21.17.14"
},
{
"version_affected": "=",
"version_value": "21.17.15"
},
{
"version_affected": "=",
"version_value": "21.17.16"
},
{
"version_affected": "=",
"version_value": "21.17.17"
},
{
"version_affected": "=",
"version_value": "21.17.18"
},
{
"version_affected": "=",
"version_value": "21.17.19"
},
{
"version_affected": "=",
"version_value": "21.18.0"
},
{
"version_affected": "=",
"version_value": "21.18.1"
},
{
"version_affected": "=",
"version_value": "21.18.2"
},
{
"version_affected": "=",
"version_value": "21.18.3"
},
{
"version_affected": "=",
"version_value": "21.18.4"
},
{
"version_affected": "=",
"version_value": "21.18.5"
},
{
"version_affected": "=",
"version_value": "21.18.11"
},
{
"version_affected": "=",
"version_value": "21.18.6"
},
{
"version_affected": "=",
"version_value": "21.18.7"
},
{
"version_affected": "=",
"version_value": "21.18.8"
},
{
"version_affected": "=",
"version_value": "21.18.9"
},
{
"version_affected": "=",
"version_value": "21.18.12"
},
{
"version_affected": "=",
"version_value": "21.18.13"
},
{
"version_affected": "=",
"version_value": "21.18.14"
},
{
"version_affected": "=",
"version_value": "21.18.15"
},
{
"version_affected": "=",
"version_value": "21.18.16"
},
{
"version_affected": "=",
"version_value": "21.18.17"
},
{
"version_affected": "=",
"version_value": "21.18.18"
},
{
"version_affected": "=",
"version_value": "21.18.19"
},
{
"version_affected": "=",
"version_value": "21.18.20"
},
{
"version_affected": "=",
"version_value": "21.18.21"
},
{
"version_affected": "=",
"version_value": "21.18.22"
},
{
"version_affected": "=",
"version_value": "21.18.23"
},
{
"version_affected": "=",
"version_value": "21.18.24"
},
{
"version_affected": "=",
"version_value": "21.18.25"
},
{
"version_affected": "=",
"version_value": "21.18.26"
},
{
"version_affected": "=",
"version_value": "21.19.0"
},
{
"version_affected": "=",
"version_value": "21.19.1"
},
{
"version_affected": "=",
"version_value": "21.19.2"
},
{
"version_affected": "=",
"version_value": "21.19.3"
},
{
"version_affected": "=",
"version_value": "21.19.n2"
},
{
"version_affected": "=",
"version_value": "21.19.4"
},
{
"version_affected": "=",
"version_value": "21.19.5"
},
{
"version_affected": "=",
"version_value": "21.19.n3"
},
{
"version_affected": "=",
"version_value": "21.19.n4"
},
{
"version_affected": "=",
"version_value": "21.19.6"
},
{
"version_affected": "=",
"version_value": "21.19.7"
},
{
"version_affected": "=",
"version_value": "21.19.8"
},
{
"version_affected": "=",
"version_value": "21.19.n5"
},
{
"version_affected": "=",
"version_value": "21.19.10"
},
{
"version_affected": "=",
"version_value": "21.19.9"
},
{
"version_affected": "=",
"version_value": "21.19.n6"
},
{
"version_affected": "=",
"version_value": "21.19.n7"
},
{
"version_affected": "=",
"version_value": "21.19.n8"
},
{
"version_affected": "=",
"version_value": "21.19.11"
},
{
"version_affected": "=",
"version_value": "21.19.n10"
},
{
"version_affected": "=",
"version_value": "21.19.n11"
},
{
"version_affected": "=",
"version_value": "21.19.n12"
},
{
"version_affected": "=",
"version_value": "21.19.n13"
},
{
"version_affected": "=",
"version_value": "21.19.n14"
},
{
"version_affected": "=",
"version_value": "21.19.n15"
},
{
"version_affected": "=",
"version_value": "21.19.n16"
},
{
"version_affected": "=",
"version_value": "21.19.n9"
},
{
"version_affected": "=",
"version_value": "21.19.n17"
},
{
"version_affected": "=",
"version_value": "21.19.n18"
},
{
"version_affected": "=",
"version_value": "21.20.0"
},
{
"version_affected": "=",
"version_value": "21.20.1"
},
{
"version_affected": "=",
"version_value": "21.20.SV1"
},
{
"version_affected": "=",
"version_value": "21.20.SV3"
},
{
"version_affected": "=",
"version_value": "21.20.SV5"
},
{
"version_affected": "=",
"version_value": "21.20.2"
},
{
"version_affected": "=",
"version_value": "21.20.3"
},
{
"version_affected": "=",
"version_value": "21.20.4"
},
{
"version_affected": "=",
"version_value": "21.20.5"
},
{
"version_affected": "=",
"version_value": "21.20.6"
},
{
"version_affected": "=",
"version_value": "21.20.7"
},
{
"version_affected": "=",
"version_value": "21.20.8"
},
{
"version_affected": "=",
"version_value": "21.20.9"
},
{
"version_affected": "=",
"version_value": "21.20.k6"
},
{
"version_affected": "=",
"version_value": "21.20.10"
},
{
"version_affected": "=",
"version_value": "21.20.11"
},
{
"version_affected": "=",
"version_value": "21.20.k7"
},
{
"version_affected": "=",
"version_value": "21.20.u8"
},
{
"version_affected": "=",
"version_value": "21.20.12"
},
{
"version_affected": "=",
"version_value": "21.20.13"
},
{
"version_affected": "=",
"version_value": "21.20.14"
},
{
"version_affected": "=",
"version_value": "21.20.k8"
},
{
"version_affected": "=",
"version_value": "21.20.p9"
},
{
"version_affected": "=",
"version_value": "21.20.15"
},
{
"version_affected": "=",
"version_value": "21.20.16"
},
{
"version_affected": "=",
"version_value": "21.20.17"
},
{
"version_affected": "=",
"version_value": "21.20.18"
},
{
"version_affected": "=",
"version_value": "21.20.19"
},
{
"version_affected": "=",
"version_value": "21.20.20"
},
{
"version_affected": "=",
"version_value": "21.20.21"
},
{
"version_affected": "=",
"version_value": "21.20.22"
},
{
"version_affected": "=",
"version_value": "21.20.23"
},
{
"version_affected": "=",
"version_value": "21.20.24"
},
{
"version_affected": "=",
"version_value": "21.20.25"
},
{
"version_affected": "=",
"version_value": "21.20.26"
},
{
"version_affected": "=",
"version_value": "21.20.28"
},
{
"version_affected": "=",
"version_value": "21.20.29"
},
{
"version_affected": "=",
"version_value": "21.20.30"
},
{
"version_affected": "=",
"version_value": "21.20.c22"
},
{
"version_affected": "=",
"version_value": "21.20.31"
},
{
"version_affected": "=",
"version_value": "21.20.32"
},
{
"version_affected": "=",
"version_value": "21.20.33"
},
{
"version_affected": "=",
"version_value": "21.20.34"
},
{
"version_affected": "=",
"version_value": "21.20.35"
},
{
"version_affected": "=",
"version_value": "21.20.27"
},
{
"version_affected": "=",
"version_value": "21.20.SV2"
},
{
"version_affected": "=",
"version_value": "21.21.0"
},
{
"version_affected": "=",
"version_value": "21.21.1"
},
{
"version_affected": "=",
"version_value": "21.21.2"
},
{
"version_affected": "=",
"version_value": "21.21.3"
},
{
"version_affected": "=",
"version_value": "21.21.KS2"
},
{
"version_affected": "=",
"version_value": "21.22.0"
},
{
"version_affected": "=",
"version_value": "21.22.n2"
},
{
"version_affected": "=",
"version_value": "21.22.n3"
},
{
"version_affected": "=",
"version_value": "21.22.3"
},
{
"version_affected": "=",
"version_value": "21.22.4"
},
{
"version_affected": "=",
"version_value": "21.22.5"
},
{
"version_affected": "=",
"version_value": "21.22.uj3"
},
{
"version_affected": "=",
"version_value": "21.22.11"
},
{
"version_affected": "=",
"version_value": "21.22.6"
},
{
"version_affected": "=",
"version_value": "21.22.7"
},
{
"version_affected": "=",
"version_value": "21.22.8"
},
{
"version_affected": "=",
"version_value": "21.22.n4"
},
{
"version_affected": "=",
"version_value": "21.22.n5"
},
{
"version_affected": "=",
"version_value": "21.22.ua0"
},
{
"version_affected": "=",
"version_value": "21.22.ua2"
},
{
"version_affected": "=",
"version_value": "21.22.ua3"
},
{
"version_affected": "=",
"version_value": "21.22.ua5"
},
{
"version_affected": "=",
"version_value": "21.22.12"
},
{
"version_affected": "=",
"version_value": "21.22.13"
},
{
"version_affected": "=",
"version_value": "21.22.n10"
},
{
"version_affected": "=",
"version_value": "21.22.n11"
},
{
"version_affected": "=",
"version_value": "21.22.n12"
},
{
"version_affected": "=",
"version_value": "21.22.n6"
},
{
"version_affected": "=",
"version_value": "21.22.n7"
},
{
"version_affected": "=",
"version_value": "21.22.n8"
},
{
"version_affected": "=",
"version_value": "21.22.n9"
},
{
"version_affected": "=",
"version_value": "21.22.n13"
},
{
"version_affected": "=",
"version_value": "21.23.0"
},
{
"version_affected": "=",
"version_value": "21.23.1"
},
{
"version_affected": "=",
"version_value": "21.23.10"
},
{
"version_affected": "=",
"version_value": "21.23.11"
},
{
"version_affected": "=",
"version_value": "21.23.12"
},
{
"version_affected": "=",
"version_value": "21.23.13"
},
{
"version_affected": "=",
"version_value": "21.23.14"
},
{
"version_affected": "=",
"version_value": "21.23.15"
},
{
"version_affected": "=",
"version_value": "21.23.16"
},
{
"version_affected": "=",
"version_value": "21.23.17"
},
{
"version_affected": "=",
"version_value": "21.23.2"
},
{
"version_affected": "=",
"version_value": "21.23.3"
},
{
"version_affected": "=",
"version_value": "21.23.4"
},
{
"version_affected": "=",
"version_value": "21.23.5"
},
{
"version_affected": "=",
"version_value": "21.23.6"
},
{
"version_affected": "=",
"version_value": "21.23.7"
},
{
"version_affected": "=",
"version_value": "21.23.8"
},
{
"version_affected": "=",
"version_value": "21.23.9"
},
{
"version_affected": "=",
"version_value": "21.23.b2"
},
{
"version_affected": "=",
"version_value": "21.23.b3"
},
{
"version_affected": "=",
"version_value": "21.23.c16"
},
{
"version_affected": "=",
"version_value": "21.23.c17"
},
{
"version_affected": "=",
"version_value": "21.23.n6"
},
{
"version_affected": "=",
"version_value": "21.23.n7"
},
{
"version_affected": "=",
"version_value": "21.23.n9"
},
{
"version_affected": "=",
"version_value": "21.23.18"
},
{
"version_affected": "=",
"version_value": "21.23.19"
},
{
"version_affected": "=",
"version_value": "21.23.21"
},
{
"version_affected": "=",
"version_value": "21.23.22"
},
{
"version_affected": "=",
"version_value": "21.23.23"
},
{
"version_affected": "=",
"version_value": "21.23.24"
},
{
"version_affected": "=",
"version_value": "21.23.25"
},
{
"version_affected": "=",
"version_value": "21.23.26"
},
{
"version_affected": "=",
"version_value": "21.23.27"
},
{
"version_affected": "=",
"version_value": "21.23.29"
},
{
"version_affected": "=",
"version_value": "21.23.30"
},
{
"version_affected": "=",
"version_value": "21.23.c18"
},
{
"version_affected": "=",
"version_value": "21.23.n10"
},
{
"version_affected": "=",
"version_value": "21.23.n11"
},
{
"version_affected": "=",
"version_value": "21.23.n8"
},
{
"version_affected": "=",
"version_value": "21.23.yn14"
},
{
"version_affected": "=",
"version_value": "21.24.0"
},
{
"version_affected": "=",
"version_value": "21.24.1"
},
{
"version_affected": "=",
"version_value": "21.24.2"
},
{
"version_affected": "=",
"version_value": "21.24.3"
},
{
"version_affected": "=",
"version_value": "21.25.0"
},
{
"version_affected": "=",
"version_value": "21.25.3"
},
{
"version_affected": "=",
"version_value": "21.25.4"
},
{
"version_affected": "=",
"version_value": "21.25.5"
},
{
"version_affected": "=",
"version_value": "21.25.10"
},
{
"version_affected": "=",
"version_value": "21.25.11"
},
{
"version_affected": "=",
"version_value": "21.25.12"
},
{
"version_affected": "=",
"version_value": "21.25.13"
},
{
"version_affected": "=",
"version_value": "21.25.14"
},
{
"version_affected": "=",
"version_value": "21.25.6"
},
{
"version_affected": "=",
"version_value": "21.25.7"
},
{
"version_affected": "=",
"version_value": "21.25.8"
},
{
"version_affected": "=",
"version_value": "21.25.9"
},
{
"version_affected": "=",
"version_value": "21.26.0"
},
{
"version_affected": "=",
"version_value": "21.26.1"
},
{
"version_affected": "=",
"version_value": "21.26.10"
},
{
"version_affected": "=",
"version_value": "21.26.13"
},
{
"version_affected": "=",
"version_value": "21.26.14"
},
{
"version_affected": "=",
"version_value": "21.26.15"
},
{
"version_affected": "=",
"version_value": "21.26.3"
},
{
"version_affected": "=",
"version_value": "21.26.5"
},
{
"version_affected": "=",
"version_value": "21.26.6"
},
{
"version_affected": "=",
"version_value": "21.26.7"
},
{
"version_affected": "=",
"version_value": "21.26.17"
},
{
"version_affected": "=",
"version_value": "21.27.0"
},
{
"version_affected": "=",
"version_value": "21.27.1"
},
{
"version_affected": "=",
"version_value": "21.27.2"
},
{
"version_affected": "=",
"version_value": "21.27.3"
},
{
"version_affected": "=",
"version_value": "21.27.4"
},
{
"version_affected": "=",
"version_value": "21.27.5"
},
{
"version_affected": "=",
"version_value": "21.27.m0"
},
{
"version_affected": "=",
"version_value": "21.28.0"
},
{
"version_affected": "=",
"version_value": "21.28.1"
},
{
"version_affected": "=",
"version_value": "21.28.2"
},
{
"version_affected": "=",
"version_value": "21.28.m0"
},
{
"version_affected": "=",
"version_value": "21.28.m1"
},
{
"version_affected": "=",
"version_value": "21.28.m2"
},
{
"version_affected": "=",
"version_value": "21.28.m3"
}
]
}
},
{
"product_name": "Cisco Ultra Cloud Core - User Plane Function",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r There are workarounds that address this vulnerability."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-289",
"lang": "eng",
"value": "Authentication Bypass by Alternate Name"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h",
"refsource": "MISC",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
}
]
},
"source": {
"advisory": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
"defects": [
"CSCwd89468"
],
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1280E939-FA8A-49E4-AE06-616B152929CF",
"versionEndExcluding": "21.22.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2C7A63-E17A-487D-8CCF-3346FDA2859F",
"versionEndExcluding": "21.23.31",
"versionStartIncluding": "21.23.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B58A574-77D9-4EC5-9D57-8D244EF7BDB8",
"versionEndExcluding": "21.25.15",
"versionStartIncluding": "21.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9507CCB-0340-40D6-AAF3-D2EA3D3EE408",
"versionEndExcluding": "21.26.17",
"versionStartIncluding": "21.26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9F9D50-DA13-410A-9571-6FA9436165E8",
"versionEndExcluding": "21.27.6",
"versionStartIncluding": "21.27.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "833F9A52-2976-4F2C-AA87-FD50BB83BB3D",
"versionEndExcluding": "21.28.3",
"versionStartIncluding": "21.28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:21.23.n:*:*:*:*:*:*:*",
"matchCriteriaId": "CD63EE8D-0389-4589-BF86-0F64A8AEDA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:21.24:*:*:*:*:*:*:*",
"matchCriteriaId": "A0534E44-1CD6-49CB-A574-D7B2CF14CC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:21.27.m:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1BBD53-BF16-4841-9D20-D2C4129A337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:21.28.m:*:*:*:*:*:*:*",
"matchCriteriaId": "47DCE4FD-48D4-4B25-BBAE-24D270627FCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vpc-di:-:*:*:*:*:*:*:*",
"matchCriteriaId": "775B2FC4-E182-47F8-B786-EC6A359BCCE3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:vpc-si:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD5A5BE-9B00-4E4F-A4A4-FBEF990F4C39",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r There are workarounds that address this vulnerability."
}
],
"id": "CVE-2023-20046",
"lastModified": "2024-01-25T17:15:27.380",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
]
},
"published": "2023-05-09T18:15:11.697",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-522"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-289"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…