CVE-2023-20193: OS Command Injection
First published: Thu Sep 07 2023(Updated: )
A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Identity Services Engine | <=2.7 | |
| Cisco Identity Services Engine | >=3.0<=3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-20193?
CVE-2023-20193 is a vulnerability in the Embedded Service Router (ESR) of Cisco Identity Services Engine (ISE) that allows an authenticated local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root.
How does CVE-2023-20193 impact Cisco ISE?
CVE-2023-20193 allows an authenticated local attacker to gain unauthorized access and perform unauthorized actions on the underlying operating system of Cisco ISE, potentially leading to a full compromise of the system.
What is the severity of CVE-2023-20193?
The severity of CVE-2023-20193 is medium, with a CVSS severity score of 6.
How can the CVE-2023-20193 vulnerability be exploited?
To exploit CVE-2023-20193, an attacker must have valid Administrator-level access and be able to authenticate locally.
Is there a fix available for CVE-2023-20193?
Yes, Cisco has released a security advisory with mitigation details and software updates to address the vulnerability. Please refer to the Cisco Security Advisory for more information.
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/the-register
- source/The Register
- alias/CVE-2024-20674
- alias/CVE-2024-20700
- alias/CVE-2023-49583
- alias/CVE-2023-50422
- alias/CVE-2023-20193
- alias/CVE-2023-20194
- agent/references
- agent/description
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/event
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- vendor/cisco
- canonical/cisco identity services engine
- version/cisco identity services engine/2.7
- version/cisco identity services engine/3.0
- version/cisco identity services engine/3.3