CVE-2023-20179 - OpenCVE

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Sd-wan Vmanage

Configuration 1 [-]

OR	cpe:2.3:a:cisco:sd-wan_vmanage::::::::
	cpe:2.3:a:cisco:sd-wan_vmanage::::::::

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2023-09-27T17:24:32.381Z

Updated: 2024-08-02T09:05:35.783Z

Reserved: 2022-10-27T18:47:50.363Z

Link: CVE-2023-20179

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-09-27T18:15:10.987

Modified: 2024-01-25T17:15:32.757

Link: CVE-2023-20179

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20179", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.363Z", "datePublished": "2023-09-27T17:24:32.381Z", "dateUpdated": "2024-08-02T09:05:35.783Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:50.945Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content.\r\n\r This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application."}], "affected": [{"vendor": "Cisco", "product": "Cisco SD-WAN vManage", "versions": [{"version": "20.3.1", "status": "affected"}, {"version": "20.3.2", "status": "affected"}, {"version": "20.3.2.1", "status": "affected"}, {"version": "20.3.3", "status": "affected"}, {"version": "20.3.3.1", "status": "affected"}, {"version": "20.3.4", "status": "affected"}, {"version": "20.3.4.1", "status": "affected"}, {"version": "20.3.4.2", "status": "affected"}, {"version": "20.3.5", "status": "affected"}, {"version": "20.3.6", "status": "affected"}, {"version": "20.3.7", "status": "affected"}, {"version": "20.3.7.1", "status": "affected"}, {"version": "20.3.4.3", "status": "affected"}, {"version": "20.3.5.1", "status": "affected"}, {"version": "20.3.7.2", "status": "affected"}, {"version": "20.4.1", "status": "affected"}, {"version": "20.4.1.1", "status": "affected"}, {"version": "20.4.1.2", "status": "affected"}, {"version": "20.4.2", "status": "affected"}, {"version": "20.4.2.2", "status": "affected"}, {"version": "20.4.2.1", "status": "affected"}, {"version": "20.4.2.3", "status": "affected"}, {"version": "20.5.1", "status": "affected"}, {"version": "20.5.1.2", "status": "affected"}, {"version": "20.5.1.1", "status": "affected"}, {"version": "20.6.1", "status": "affected"}, {"version": "20.6.1.1", "status": "affected"}, {"version": "20.6.2.1", "status": "affected"}, {"version": "20.6.2.2", "status": "affected"}, {"version": "20.6.2", "status": "affected"}, {"version": "20.6.3", "status": "affected"}, {"version": "20.6.3.1", "status": "affected"}, {"version": "20.6.4", "status": "affected"}, {"version": "20.6.5", "status": "affected"}, {"version": "20.6.5.1", "status": "affected"}, {"version": "20.6.1.2", "status": "affected"}, {"version": "20.6.3.2", "status": "affected"}, {"version": "20.6.4.1", "status": "affected"}, {"version": "20.6.5.2", "status": "affected"}, {"version": "20.6.5.4", "status": "affected"}, {"version": "20.6.3.3", "status": "affected"}, {"version": "20.6.4.2", "status": "affected"}, {"version": "20.6.3.0.45", "status": "affected"}, {"version": "20.6.3.0.46", "status": "affected"}, {"version": "20.6.3.0.47", "status": "affected"}, {"version": "20.6.3.4", "status": "affected"}, {"version": "20.6.4.0.21", "status": "affected"}, {"version": "20.6.5.1.10", "status": "affected"}, {"version": "20.6.5.1.7", "status": "affected"}, {"version": "20.6.5.1.9", "status": "affected"}, {"version": "20.6.5.2.4", "status": "affected"}, {"version": "20.6.5.5", "status": "affected"}, {"version": "20.7.1", "status": "affected"}, {"version": "20.7.1.1", "status": "affected"}, {"version": "20.7.2", "status": "affected"}, {"version": "20.8.1", "status": "affected"}, {"version": "20.9.1", "status": "affected"}, {"version": "20.9.2", "status": "affected"}, {"version": "20.9.2.1", "status": "affected"}, {"version": "20.9.3", "status": "affected"}, {"version": "20.9.3.1", "status": "affected"}, {"version": "20.9.2.3", "status": "affected"}, {"version": "20.9.3.0.12", "status": "affected"}, {"version": "20.9.3.0.16", "status": "affected"}, {"version": "20.9.3.0.17", "status": "affected"}, {"version": "20.9.3.0.18", "status": "affected"}, {"version": "20.9.3.2", "status": "affected"}, {"version": "20.9.3.2_LI_Images", "status": "affected"}, {"version": "20.9.4", "status": "affected"}, {"version": "20.10.1", "status": "affected"}, {"version": "20.10.1.1", "status": "affected"}, {"version": "20.10.1.2", "status": "affected"}, {"version": "20.11.1", "status": "affected"}, {"version": "20.11.1.1", "status": "affected"}, {"version": "20.11.1.2", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "type": "cwe", "cweId": "CWE-80"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x", "name": "cisco-sa-vmanage-html-3ZKh8d6x"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-vmanage-html-3ZKh8d6x", "discovery": "EXTERNAL", "defects": ["CSCwe44307"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:05:35.783Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x", "name": "cisco-sa-vmanage-html-3ZKh8d6x", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "matchCriteriaId": "24F12886-47A6-42A3-8408-5F0CEC98ECB0", "versionEndExcluding": "20.6.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DE03263-AA9C-4717-AF0B-33A5852623FE", "versionEndExcluding": "20.10", "versionStartIncluding": "20.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content.\r\n\r This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within requests and persuading a user to view a page that contains injected content. A successful exploit could allow the attacker to modify pages within the web-based management interface, possibly leading to further browser-based attacks against users of the application."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Catalyst SD-WAN Manager, anteriormente Cisco SD-WAN vManage, podr\u00eda permitir que un atacante remoto autenticado inyecte contenido HTML. Esta vulnerabilidad se debe a una validaci\u00f3n inadecuada de los datos proporcionados por el usuario en los campos de elementos. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando contenido malicioso dentro de las solicitudes y persuadiendo a un usuario para que vea una p\u00e1gina que contenga contenido inyectado. Un exploit exitoso podr\u00eda permitir al atacante modificar p\u00e1ginas dentro de la interfaz de administraci\u00f3n basada en web, lo que posiblemente generar\u00eda m\u00e1s ataques basados en el navegador contra los usuarios de la aplicaci\u00f3n."}], "id": "CVE-2023-20179", "lastModified": "2024-01-25T17:15:32.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2023-09-27T18:15:10.987", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-80"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}