CVE-2023-20121
CVSS V2 None
CVSS V3 None
Description
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.
Overview
- CVE ID
- CVE-2023-20121
- Assigner
- ykramarz@cisco.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-04-05T19:15:08
- Last Modified Date
- 2023-04-12T02:24:54
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* | 1 | OR | 7.0.1 | |
| cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* | 1 | OR | 3.10.4 |
References
| Reference URL | Reference Tags |
|---|---|
| https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-adeos-MLAyEcvk | Vendor Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-20121 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20121 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 04:13:08 | Added to TrackCVE | |||
| 2023-04-17 04:13:11 | Weakness Enumeration | new | ||
| 2023-04-17 05:14:49 | CVSS V3 information | new |