SB2023082425 - Multiple vulnerabilities in Cisco ThousandEyes Enterprise Agent
Published: August 24, 2023 Updated: May 8, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-20224)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient input validation of user-supplied CLI arguments. A local user can execute arbitrary commands as root.
2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-20217)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient input validation by the operating system CLI. A local user can view arbitrary files as root on the underlying operating system.
Remediation
Install update from vendor's website.
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thoueye-privesc-NVhHGwb3
- http://seclists.org/fulldisclosure/2023/Aug/20
- http://packetstormsecurity.com/files/174233/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Privilege-Escalation.html
- https://korelogic.com/Resources/Advisories/KL-001-2023-002.txt
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-va-priv-esc-PUdgrx8E
- http://seclists.org/fulldisclosure/2023/Aug/19
- http://packetstormsecurity.com/files/174232/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Read.html
- https://korelogic.com/Resources/Advisories/KL-001-2023-001.txt