Description
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files.

The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.
Published: 2023-08-23
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-24413 A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.
History

No history.

Subscriptions

Cisco Firepower 1000 Firepower 1010 Firepower 1020 Firepower 1030 Firepower 1040 Firepower 2100 Firepower 2110 Firepower 2120 Firepower 2130 Firepower 2140 Firepower 4100 Firepower 4110 Firepower 4110 Next-generation Firewall Firepower 4112 Firepower 4115 Firepower 4120 Firepower 4120 Next-generation Firewall Firepower 4125 Firepower 4140 Firepower 4140 Next-generation Firewall Firepower 4145 Firepower 4150 Firepower 4150 Next-generation Firewall Firepower 9300 Firepower 9300 Security Appliance Firepower 9300 Sm-24 Firepower 9300 Sm-36 Firepower 9300 Sm-40 Firepower 9300 Sm-44 Firepower 9300 Sm-44 X 3 Firepower 9300 Sm-48 Firepower 9300 Sm-56 Firepower 9300 Sm-56 X 3 Firepower 9300 With 1 Sm-24 Module Firepower 9300 With 1 Sm-36 Module Firepower 9300 With 1 Sm-44 Module Firepower 9300 With 3 Sm-44 Module Firepower Extensible Operating System Secure Firewall 3105 Secure Firewall 3110 Secure Firewall 3120 Secure Firewall 3130 Secure Firewall 3140
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-02T09:05:35.918Z

Reserved: 2022-10-27T18:47:50.369Z

Link: CVE-2023-20234

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-08-23T19:15:08.277

Modified: 2024-11-21T07:40:57.383

Link: CVE-2023-20234

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses