Rewterz Threat Advisory – CVE-2023-20110 – Cisco Smart Software Manager Vulnerability
May 18, 2023Rewterz Threat Alert – Donot APT Group – Active IOCs
May 18, 2023Rewterz Threat Advisory – CVE-2023-20110 – Cisco Smart Software Manager Vulnerability
May 18, 2023Rewterz Threat Alert – Donot APT Group – Active IOCs
May 18, 2023Severity
Medium
Analysis Summary
CVE-2023-20003
Cisco Business Wireless Access Points could allow a remote attacker to bypass security restrictions, caused by a logic error with the social login implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access the Guest Portal without authentication.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-25927
Affected Vendors
Cisco
Affected Products
- Cisco Business 140AC APs
- Cisco Business 141ACM Mesh Extenders
- Cisco Business 142ACM Mesh Extenders
- Cisco Business 143ACM Mesh Extenders
- Cisco Business 145AC APs
- Cisco Business 150AX APs
- Cisco Business 151AXM Mesh Extenders
- Cisco Business 240AC APs
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.