Vulnerability Bulletins

Cisco IOx Application Hosting Environment Privilege Escalation Vulnerability

System information

Affected software Cisco


A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not blocked when they are in application development mode. An attacker could exploit this vulnerability by using the Docker CLI to access an affected

More info:

Standar resources

Property Value
CVE CVE-2023-20235.

Version history

Version Comments Date
Ministerio de Defensa