A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.
The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.
References
| Link | Resource |
|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
25 Jan 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_firewall_3105:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4140_next-generation_firewall:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4110_next-generation_firewall:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_firewall_3110:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_firewall_3130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4120_next-generation_firewall:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_firewall_3140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:secure_firewall_3120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4150_next-generation_firewall:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.0 |
| CWE | CWE-732 | |
| References | (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL - Vendor Advisory | |
| First Time |
Cisco secure Firewall 3120
Cisco firepower 9300 With 3 Sm-44 Module Cisco firepower 9300 Sm-24 Cisco firepower 2120 Cisco firepower 4110 Next-generation Firewall Cisco firepower 9300 Sm-40 Cisco firepower 2100 Cisco firepower 1030 Cisco firepower 4145 Cisco firepower 1000 Cisco firepower Extensible Operating System Cisco firepower 4140 Next-generation Firewall Cisco firepower 2130 Cisco firepower 4125 Cisco Cisco firepower 1040 Cisco firepower 9300 Sm-48 Cisco firepower 9300 With 1 Sm-24 Module Cisco firepower 9300 With 1 Sm-36 Module Cisco firepower 4120 Cisco firepower 9300 Sm-56 Cisco firepower 4112 Cisco secure Firewall 3140 Cisco firepower 4150 Next-generation Firewall Cisco firepower 9300 Security Appliance Cisco secure Firewall 3110 Cisco firepower 4140 Cisco firepower 4115 Cisco firepower 4120 Next-generation Firewall Cisco firepower 1010 Cisco firepower 2140 Cisco secure Firewall 3130 Cisco firepower 9300 Cisco firepower 4110 Cisco firepower 9300 Sm-44 Cisco secure Firewall 3105 Cisco firepower 9300 Sm-56 X 3 Cisco firepower 4150 Cisco firepower 2110 Cisco firepower 9300 Sm-36 Cisco firepower 4100 Cisco firepower 9300 With 1 Sm-44 Module Cisco firepower 9300 Sm-44 X 3 Cisco firepower 1020 |
23 Aug 2023, 19:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-23 19:15
Updated : 2024-01-25 17:15
NVD link : CVE-2023-20234
Mitre link : CVE-2023-20234
JSON object : View
Products Affected
cisco
- firepower_2140
- firepower_9300_with_1_sm-36_module
- firepower_4115
- firepower_4100
- firepower_1030
- firepower_9300_sm-36
- firepower_4112
- firepower_9300_with_3_sm-44_module
- firepower_1020
- firepower_4125
- firepower_2110
- secure_firewall_3110
- firepower_4120
- firepower_1000
- firepower_9300_sm-44_x_3
- firepower_1040
- firepower_9300_sm-24
- firepower_1010
- firepower_4110
- firepower_4140
- firepower_2130
- secure_firewall_3140
- firepower_9300_sm-48
- firepower_9300_sm-40
- firepower_9300_with_1_sm-44_module
- firepower_9300_sm-56_x_3
- firepower_2100
- firepower_9300
- firepower_4120_next-generation_firewall
- firepower_4140_next-generation_firewall
- firepower_extensible_operating_system
- secure_firewall_3120
- firepower_9300_security_appliance
- firepower_9300_sm-44
- firepower_4145
- firepower_4150_next-generation_firewall
- firepower_4150
- firepower_2120
- firepower_4110_next-generation_firewall
- secure_firewall_3105
- firepower_9300_with_1_sm-24_module
- secure_firewall_3130
- firepower_9300_sm-56
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource