Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-20205 CVSS:4.8

Cisco Prime Infrastructure and Evolved Programmable Network Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20203 CVSS:4.8

Cisco Prime Infrastructure and Evolved Programmable Network Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20232 CVSS:5.3

Cisco Unified Contact Center Express could allow a remote attacker to conduct spoofing attacks, caused by improper input validation of HTTP requests. By sending crafted HTTP requests to a specific API endpoint on the Unified CCX Finesse Portal, an attacker could exploit this vulnerability to cause a web cache poisoning.

CVE-2023-20201 CVSS:4.8

Cisco Prime Infrastructure and Evolved Programmable Network Manager is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20228 CVSS:6.1

Cisco Integrated Management Controller is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20242 CVSS:4.8

Cisco Unified Communications Products are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20209 CVSS:6.5

Cisco Expressway Series and TelePresence Video Communication Server could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-20212 CVSS:7.5

Cisco ClamAV is vulnerable to a denial of service, caused by a logic error in the memory management in the AutoIt module. By submitting a specially crafted AutoIt file, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-20197 CVSS:7.5

Cisco ClamAV is vulnerable to a denial of service, caused by a flaw in the filesystem image parser for Hierarchical File System Plus (HFS+). By submitting a specially crafted HFS+ filesystem image, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-20211 CVSS:8.1

Cisco Unified Communications Manager is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

CVE-2023-20229 CVSS:7.1

Cisco Duo Device Health Application for Windows could allow a local authenticated attacker to traverse directories on the system. An attacker could send a specially crafted request to overwrite arbitrary files on the system.

CVE-2023-20224 CVSS:7.8

Cisco ThousandEyes Enterprise Agent Virtual Appliance could allow a local authenticated attacker to gain elevated privileges on the system, caused by insufficient input validation of user-supplied CLI arguments. By using crafted commands at the prompt, an attacker could exploit this vulnerability to elevate privileges to root.

CVE-2023-20237 CVSS:6.5

Cisco P Phone 6800, 7800, and 8800 Series are vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform a factory reset. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-20221 CVSS:4.3

Cisco Intersight Virtual Appliance could allow a remote attacker to bypass security restrictions, caused by improper restrictions on internally accessible http proxies. By sending a specially crafted CLI command, an attacker could exploit this vulnerability to access to internal subnets.

CVE-2023-20111 CVSS:6.5

Cisco Identity Services Engine could allow a remote authenticated attacker to obtain sensitive information, caused by improper storage of sensitive information within the web-based management interface. By sending a specially crafted request to view hidden fields within the application, an attacker could exploit this vulnerability to obtain device entry credentials information, and use this information to launch further attacks against the affected system.

CVE-2023-20013 CVSS:6.5

Cisco Intersight Private Virtual Appliance could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation when extracting uploaded software packages. By uploading a specially crafted software package, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root-level privileges.

CVE-2023-20017 CVSS:6.5

Cisco Intersight Private Virtual Appliance could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation when extracting uploaded software packages. By uploading a specially crafted software package, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root-level privileges.

CVE-2023-20222 CVSS:4.8

Cisco Prime Infrastructure and Evolved Programmable Network Manager are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web-based management interface. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2023-20217 CVSS:5.5

Cisco ThousandEyes Enterprise Agent could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper input validation by the operating system CLI. By issuing specially crafted commands using sudo, an authenticated attacker could exploit this vulnerability to view arbitrary files as root on the underlying operating system.