HIGH✓ PATCH🇬🇧 English

CVE-2023-20046

CVSS 8.8v3.1pub. 2023-05-09upd. 2024-11-21

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Cisco Asr 5000

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 5500

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 5700

    HW
    Cisco
    wszystkie wersje
  • Cisco Staros

    OS
    Cisco
    21.23.n21.2421.27.m21.28.m< 21.22.1421.23.0 – 21.23.31 (bez)21.25.0 – 21.25.15 (bez)21.26.0 – 21.26.17 (bez)21.27.0 – 21.27.6 (bez)21.28.0 – 21.28.3 (bez)
  • Cisco Vpc Di

    HW
    Cisco
    wszystkie wersje
  • Cisco Vpc Si

    HW
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2022-20919HIGH8.6ten sam produkt

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco...

CVE-2021-1539HIGH8.1ten sam produkt

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow a...

CVE-2021-1540HIGH8.1ten sam produkt

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow a...

CVE-2019-1869HIGH8.6ten sam produkt

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running o...