Rewterz Threat Advisory – Multiple Cisco DNA Center Software Vulnerabilities
May 18, 2023Rewterz Threat Advisory – CVE-2023-20003 – Cisco Business Wireless Access Points Vulnerability
May 18, 2023Rewterz Threat Advisory – Multiple Cisco DNA Center Software Vulnerabilities
May 18, 2023Rewterz Threat Advisory – CVE-2023-20003 – Cisco Business Wireless Access Points Vulnerability
May 18, 2023Severity
Medium
Analysis Summary
CVE-2023-20110
Cisco Smart Software Manager On-Prem is vulnerable to SQL injection, caused by inadequate validation of user input by the web-based management interface. A remote authenticated attacker could send specially crafted SQL statements to an affected system, which could allow the attacker to obtain sensitive data from the back-end database
Impact
- Data Manipulation
Indicators Of Compromise
CVE
- CVE-2023-25927
Affected Vendors
Cisco
Affected Products
- Cisco Smart Software Manager On-Prem 8
- Cisco Smart Software Manager On-Prem 7
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.