CVE-2023-20097

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP.

CVSS v3 4.6 MEDIUM

4.6^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.5 / Impact : 2.7

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8	Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:cisco:wireless_lan_controller_software:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:esw6300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:a:cisco:aironet_access_point_software:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:aironet_1540:-:::::::*
	cpe:2.3:h:cisco:aironet_1542d:-:::::::*
	cpe:2.3:h:cisco:aironet_1542i:-:::::::*
	cpe:2.3:h:cisco:aironet_1560:-:::::::*
	cpe:2.3:h:cisco:aironet_1562d:-:::::::*
	cpe:2.3:h:cisco:aironet_1562e:-:::::::*
	cpe:2.3:h:cisco:aironet_1562i:-:::::::*
	cpe:2.3:h:cisco:aironet_1800:-:::::::*
	cpe:2.3:h:cisco:aironet_1800i:-:::::::*
	cpe:2.3:h:cisco:aironet_1810:-:::::::*
	cpe:2.3:h:cisco:aironet_1810w:-:::::::*
	cpe:2.3:h:cisco:aironet_1815:-:::::::*
	cpe:2.3:h:cisco:aironet_1815i:-:::::::*
	cpe:2.3:h:cisco:aironet_1815m:-:::::::*
	cpe:2.3:h:cisco:aironet_1815t:-:::::::*
	cpe:2.3:h:cisco:aironet_1815w:-:::::::*
	cpe:2.3:h:cisco:aironet_2800:-:::::::*
	cpe:2.3:h:cisco:aironet_2800e:-:::::::*
	cpe:2.3:h:cisco:aironet_2800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800:-:::::::*
	cpe:2.3:h:cisco:aironet_3800e:-:::::::*
	cpe:2.3:h:cisco:aironet_3800i:-:::::::*
	cpe:2.3:h:cisco:aironet_3800p:-:::::::*
	cpe:2.3:h:cisco:aironet_4800:-:::::::*
	cpe:2.3:h:cisco:catalyst_9100:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9105axw:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9115axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9117axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9120axp:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axd:-:::::::*
	cpe:2.3:h:cisco:catalyst_9124axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130_ap:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130ax:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130axe:-:::::::*
	cpe:2.3:h:cisco:catalyst_9130axi:-:::::::*
	cpe:2.3:h:cisco:catalyst_iw6300:-:::::::*
	cpe:2.3:h:cisco:catalyst_iw6300_ac:-:::::::*
	cpe:2.3:h:cisco:catalyst_iw6300_dc:-:::::::*
	cpe:2.3:h:cisco:catalyst_iw6300_dcw:-:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:cisco:ios_xe::::::::
	cpe:2.3:o:cisco:ios_xe::::::::
	cpe:2.3:o:cisco:ios_xe::::::::
	cpe:2.3:o:cisco:ios_xe::::::::

History

21 Nov 2024, 07:40

Type	Values Removed	Values Added
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 - Vendor Advisory~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~6.7~~	v2 : unknown v3 : 4.6

Information

Published : 2023-03-23 17:15

Updated : 2024-11-21 07:40

NVD link : CVE-2023-20097

Mitre link : CVE-2023-20097

CVE.ORG link : CVE-2023-20097

JSON object : View

Products Affected

cisco

aironet_1562e
catalyst_9120
catalyst_9130ax
aironet_2800i
catalyst_9117
catalyst_9117axi
catalyst_9117_ap
aironet_1542i
catalyst_9120axe
catalyst_9120_ap
catalyst_9130
aironet_1562i
catalyst_iw6300_dcw
aironet_1810
esw6300
aironet_1800i
catalyst_9124ax
aironet_4800
aironet_1815i
aironet_2800
aironet_3800
catalyst_9105axi
catalyst_9124
catalyst_9130axe
aironet_1815w
catalyst_9105ax
catalyst_9115_ap
catalyst_9105axw
aironet_1562d
catalyst_9124axd
catalyst_9124axi
ios_xe
aironet_1815
catalyst_iw6300_ac
catalyst_9115ax
aironet_1560
catalyst_9115axe
catalyst_9100
aironet_1815t
aironet_1815m
catalyst_9115axi
catalyst_9120axi
aironet_1800
aironet_1540
catalyst_9120axp
catalyst_9130axi
catalyst_iw6300_dc
catalyst_9115
catalyst_9120ax
aironet_2800e
aironet_3800e
aironet_access_point_software
aironet_3800i
aironet_1542d
wireless_lan_controller_software
aironet_3800p
catalyst_9130_ap
catalyst_iw6300
catalyst_9117ax
aironet_1810w
catalyst_9105

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

4.6 /10