Authorization bypass in Cisco IOS and IOS XE software
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-20186 |
| CWE-ID | CWE-285 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco IOS Operating systems & Components / Operating system Cisco IOS XE Operating systems & Components / Operating system |
| Vendor |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Improper Authorization
EUVDB-ID: #VU81248
Risk: Low
CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-20186
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to the device.
The vulnerability exists due to improper authorization checks within the Authentication, Authorization, and Accounting (AAA) feature. A local user with level 15 privileges can bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP).
MitigationInstall updates from vendor's website.
Vulnerable software versionsCisco IOS: before 17.12.1
Cisco IOS XE: before 17.12.1
External linkshttp://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaascp-Tyj4fEJm
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe55871
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
