Detections
Analytics
Cisco IOS XE Software Web UI Privilege Escalation (cisco-sa-iosxe-webui-privesc-j22SaA4z)
critical Nessus Plugin ID 183167
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
A vulnerability in the web UI feature of Cisco IOS XE Software, when exposed to the internet or to untrusted networks, could allow an unauthenticated, remote attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. For steps to close the attack vector for this vulnerability, see the Recommendations section of the vendor's advisory. The vendor (Cisco) will provide updates on the status of this investigation and when a software patch is available.Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
See vendor advisory.See Also
http://www.nessus.org/u?2eb79c65
Plugin Details
Severity: Critical
ID: 183167
File Name: cisco-sa-iosxe-webui-privesc-j22SaA4z.nasl
Version: 1.12
Type: combined
Family: CISCO
Published: 10/16/2023
Updated: 4/16/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 10.0
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-20198
CVSS v3
Risk Factor: Critical
Base Score: 10
Temporal Score: 9.3
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:cisco:ios_xe
Required KB Items: Host/Cisco/IOS-XE/Version
Exploit Available: true
Exploit Ease: Exploits are available
Vulnerability Publication Date: 10/16/2023
CISA Known Exploited Vulnerability Due Dates: 10/20/2023, 10/27/2023
Exploitable With
Core Impact
Metasploit (Cisco IOX XE Unauthenticated RCE Chain)
Reference Information
CVE: CVE-2023-20198, CVE-2023-20273