CVE-2023-20102 - Vulnerability Details - OpenCVE

A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the administrator user.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Cisco	Secure Network Analytics Stealthwatch Management Console 2200 Stealthwatch Management Console 2200 Firmware

Configuration 1 [-]

cpe:2.3:a:cisco:secure_network_analytics:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:cisco:stealthwatch_management_console_2200_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:stealthwatch_management_console_2200:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS

History

Mon, 28 Oct 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-04-05T00:00:00

Updated: 2024-10-28T16:30:58.300Z

Reserved: 2022-10-27T00:00:00

Link: CVE-2023-20102

Vulnrichment

Updated: 2024-08-02T08:57:35.557Z

NVD

Status : Modified

Published: 2023-04-05T19:15:07.880

Modified: 2024-11-21T07:40:33.280

Link: CVE-2023-20102

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-20102", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "dateUpdated": "2024-10-28T16:30:58.300Z", "dateReserved": "2022-10-27T00:00:00", "datePublished": "2023-04-05T00:00:00"}, "containers": {"cna": {"title": "Cisco Secure Network Analytics Remote Code Execution Vulnerability", "datePublic": "2023-04-05T00:00:00", "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2023-04-05T00:00:00"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the administrator user."}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Network Analytics ", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"name": "20230405 Cisco Secure Network Analytics Remote Code Execution Vulnerability", "tags": ["vendor-advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-502", "cweId": "CWE-502"}]}], "source": {"advisory": "cisco-sa-stealthsmc-rce-sfNBPjcS", "defect": [["CSCwc95889"]], "discovery": "INTERNAL"}, "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.557Z"}, "title": "CVE Program Container", "references": [{"name": "20230405 Cisco Secure Network Analytics Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_transferred"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-28T16:19:13.937889Z", "id": "CVE-2023-20102", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-28T16:30:58.300Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS", "name": "20230405 Cisco Secure Network Analytics Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.557Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20102", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-28T16:19:13.937889Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-28T16:23:20.114Z"}}], "cna": {"title": "Cisco Secure Network Analytics Remote Code Execution Vulnerability", "source": {"defect": [["CSCwc95889"]], "advisory": "cisco-sa-stealthsmc-rce-sfNBPjcS", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Secure Network Analytics ", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "datePublic": "2023-04-05T00:00:00", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS", "name": "20230405 Cisco Secure Network Analytics Remote Code Execution Vulnerability", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the administrator user."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2023-04-05T00:00:00"}}}, "cveMetadata": {"cveId": "CVE-2023-20102", "state": "PUBLISHED", "dateUpdated": "2024-10-28T16:30:58.300Z", "dateReserved": "2022-10-27T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2023-04-05T00:00:00", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_network_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F159605-C93D-4A6E-B9A1-B8AE6E9B268A", "versionEndIncluding": "7.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:stealthwatch_management_console_2200_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FC4568E-20F3-43D4-8658-6A742C47F5E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:stealthwatch_management_console_2200:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB9D17FE-41BC-43EB-B729-25AB3BD126DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into system memory. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the administrator user."}], "id": "CVE-2023-20102", "lastModified": "2024-11-21T07:40:33.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-05T19:15:07.880", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}