Boletines de Vulnerabilidades

Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature

Información sobre el sistema

Software afectado Cisco


Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. The first fixed software releases have been posted on Cisco Software Download Center. Cisco will update the advisory as additional releases post to Cisco Software Download Center. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15

More info:

Identificadores estándar

Propiedad Valor
CVE CVE-2023-20198 and CVE-2023-20273.

Histórico de versiones

Versión Comentario Data
Ministerio de Defensa