Vulnerability Bulletins

Cisco Network Services Orchestrator Path Traversal Vulnerability

System information

Affected software Cisco


A vulnerability in the RESTCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group. This vulnerability exists because user-supplied input is not properly validated when RESTCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by

More info:

Standar resources

Property Value
CVE CVE-2023-20040.

Version history

Version Comments Date
1.0 Advisory issued 2023-02-03
Ministerio de Defensa
Presidencia española. Consejo de la Unión Europea