Description
A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.
Published: 2024-01-17
Score: 6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-24439 A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An attacker could exploit this vulnerability by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.
History

Wed, 13 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Cisco Evolved Programmable Network Manager Prime Infrastructure
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-13T19:51:35.114Z

Reserved: 2022-10-27T18:47:50.373Z

Link: CVE-2023-20260

cve-icon Vulnrichment

Updated: 2024-08-02T09:05:36.854Z

cve-icon NVD

Status : Modified

Published: 2024-01-17T17:15:10.323

Modified: 2024-11-21T07:41:01.097

Link: CVE-2023-20260

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses