CVE-2023-20234 - Vulnerability Details

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Firepower 1000 Firepower 1010 Firepower 1020 Firepower 1030 Firepower 1040 Firepower 2100 Firepower 2110 Firepower 2120 Firepower 2130 Firepower 2140 Firepower 4100 Firepower 4110 Firepower 4110 Next-generation Firewall Firepower 4112 Firepower 4115 Firepower 4120 Firepower 4120 Next-generation Firewall Firepower 4125 Firepower 4140 Firepower 4140 Next-generation Firewall Firepower 4145 Firepower 4150 Firepower 4150 Next-generation Firewall Firepower 9300 Firepower 9300 Security Appliance Firepower 9300 Sm-24 Firepower 9300 Sm-36 Firepower 9300 Sm-40 Firepower 9300 Sm-44 Firepower 9300 Sm-44 X 3 Firepower 9300 Sm-48 Firepower 9300 Sm-56 Firepower 9300 Sm-56 X 3 Firepower 9300 With 1 Sm-24 Module Firepower 9300 With 1 Sm-36 Module Firepower 9300 With 1 Sm-44 Module Firepower 9300 With 3 Sm-44 Module Firepower Extensible Operating System Secure Firewall 3105 Secure Firewall 3110 Secure Firewall 3120 Secure Firewall 3130 Secure Firewall 3140

Configuration 1 [-]

AND

cpe:2.3:a:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:firepower_1000:-:::::::*
	cpe:2.3:h:cisco:firepower_1010:-:::::::*
	cpe:2.3:h:cisco:firepower_1020:-:::::::*
	cpe:2.3:h:cisco:firepower_1030:-:::::::*
	cpe:2.3:h:cisco:firepower_1040:-:::::::*
	cpe:2.3:h:cisco:firepower_2100:-:::::::*
	cpe:2.3:h:cisco:firepower_2110:-:::::::*
	cpe:2.3:h:cisco:firepower_2120:-:::::::*
	cpe:2.3:h:cisco:firepower_2130:-:::::::*
	cpe:2.3:h:cisco:firepower_2140:-:::::::*
	cpe:2.3:h:cisco:firepower_4100:-:::::::*
	cpe:2.3:h:cisco:firepower_4110:-:::::::*
	cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:::::::*
	cpe:2.3:h:cisco:firepower_4112:-:::::::*
	cpe:2.3:h:cisco:firepower_4115:-:::::::*
	cpe:2.3:h:cisco:firepower_4120:-:::::::*
	cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:::::::*
	cpe:2.3:h:cisco:firepower_4125:-:::::::*
	cpe:2.3:h:cisco:firepower_4140:-:::::::*
	cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:::::::*
	cpe:2.3:h:cisco:firepower_4145:-:::::::*
	cpe:2.3:h:cisco:firepower_4150:-:::::::*
	cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:::::::*
	cpe:2.3:h:cisco:firepower_9300:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_security_appliance:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-24:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-36:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-40:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-44:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-48:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-56:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:::::::*
	cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:::::::*
	cpe:2.3:h:cisco:secure_firewall_3105:-:::::::*
	cpe:2.3:h:cisco:secure_firewall_3110:-:::::::*
	cpe:2.3:h:cisco:secure_firewall_3120:-:::::::*
	cpe:2.3:h:cisco:secure_firewall_3130:-:::::::*
	cpe:2.3:h:cisco:secure_firewall_3140:-:::::::*

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-08-23T18:21:02.413Z

Updated: 2024-08-02T09:05:35.918Z

Reserved: 2022-10-27T18:47:50.369Z

Link: CVE-2023-20234

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-08-23T19:15:08.277

Modified: 2024-11-21T07:40:57.383

Link: CVE-2023-20234

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object