Description
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.
Published: 2023-02-23
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-24229 A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the currently logged-in user.
History

Fri, 25 Oct 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Cisco Mds 9000 Mds 9100 Mds 9132t Mds 9134 Mds 9140 Mds 9148 Mds 9148s Mds 9148t Mds 9200 Mds 9216 Mds 9216a Mds 9216i Mds 9222i Mds 9250i Mds 9396s Mds 9396t Mds 9500 Mds 9506 Mds 9509 Mds 9513 Mds 9700 Mds 9706 Mds 9710 Mds 9718 Nexus 1000 Virtual Edge Nexus 1000v Nexus 3016 Nexus 3016q Nexus 3048 Nexus 3064 Nexus 3064-32t Nexus 3064-t Nexus 3064-x Nexus 3064t Nexus 3064x Nexus 3100 Nexus 3100-v Nexus 3100-z Nexus 3100v Nexus 31108pc-v Nexus 31108pv-v Nexus 31108tc-v Nexus 31128pq Nexus 3132c-z Nexus 3132q Nexus 3132q-v Nexus 3132q-x Nexus 3132q-x\/3132q-xl Nexus 3132q-xl Nexus 3164q Nexus 3172 Nexus 3172pq Nexus 3172pq-xl Nexus 3172pq\/pq-xl Nexus 3172tq Nexus 3172tq-32t Nexus 3172tq-xl Nexus 3200 Nexus 3232c Nexus 3232c Nexus 3264c-e Nexus 3264q Nexus 3400 Nexus 3408-s Nexus 34180yc Nexus 34200yc-sm Nexus 3432d-s Nexus 3464c Nexus 3500 Nexus 3524 Nexus 3524-x Nexus 3524-x\/xl Nexus 3524-xl Nexus 3548 Nexus 3548-x Nexus 3548-x\/xl Nexus 3548-xl Nexus 3600 Nexus 36180yc-r Nexus 3636c-r Nexus 5500 Nexus 5548p Nexus 5548up Nexus 5596t Nexus 5596up Nexus 5600 Nexus 56128p Nexus 5624q Nexus 5648q Nexus 5672up Nexus 5672up-16g Nexus 5696q Nexus 6000 Nexus 6001 Nexus 6001p Nexus 6001t Nexus 6004 Nexus 6004x Nexus 7000 Nexus 7004 Nexus 7009 Nexus 7010 Nexus 7018 Nexus 7700 Nexus 7702 Nexus 7706 Nexus 7710 Nexus 7718 Nexus 9000 Nexus 9000v Nx-os
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-10-25T16:03:54.154Z

Reserved: 2022-10-27T00:00:00.000Z

Link: CVE-2023-20050

cve-icon Vulnrichment

Updated: 2024-08-02T08:57:35.551Z

cve-icon NVD

Status : Modified

Published: 2023-02-23T20:15:13.483

Modified: 2024-11-21T07:40:26.350

Link: CVE-2023-20050

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses