CVE-2023-20066: Cisco Security Advisory: Cisco IOS XE Software Web UI Path Traversal Vulnerability

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.


At the time of publication, this vulnerability affected Cisco IOS XE Software if it had the web UI enabled.

For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory.

Determine the HTTP Server Configuration

To determine whether the HTTP Server feature is enabled for a device, log in to the device and use the show running-config | include ip http server|secure|active command in the CLI to check for the presence of the ip http server command or the ip http secure-server command in the global configuration. If either command is present, the HTTP Server feature is enabled for the device.

The following example shows the output of the show running-config | include ip http server|secure|active command for a device that has the HTTP Server feature enabled:

Router# show running-config | include ip http server|secure|active
ip http server
ip http secure-server

Note: The presence of either command or both commands in the device configuration indicates that the web UI feature is enabled.

If the ip http server command is present and the configuration also contains ip http active-session-modules none, the vulnerability is not exploitable over HTTP.

If the ip http secure-server command is present and the configuration also contains ip http secure-active-session-modules none, the vulnerability is not exploitable over HTTPS.
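The decision rules above can be applied mechanically to a saved running-config. The following script is an added example, not part of the Cisco advisory: it reads a constructed config excerpt, treats a `no ip http ...` line as disabling the feature (an assumption about how the dump was taken), and reports whether the web UI is reachable and whether the HTTP and HTTPS transports remain exploitable under the advisory's own criteria.

```python
import re

# Constructed sample of a running-config excerpt (not taken from the advisory).
SAMPLE_CONFIG = """\
version 17.3
hostname edge-router
!
ip http server
ip http secure-server
ip http secure-active-session-modules none
!
end
"""

# The four global-configuration lines the advisory's decision rules depend on.
WATCHED = (
    "ip http server",
    "ip http secure-server",
    "ip http active-session-modules none",
    "ip http secure-active-session-modules none",
)


def assess_webui_exposure(running_config: str) -> dict:
    """Apply the advisory's rules to a running-config dump.

    A transport is enabled when its ip http [secure-]server line is present
    and not negated with 'no'. It is exploitable per the advisory only when
    it is enabled and the matching *-active-session-modules none line is
    absent. Assumption: a leading 'no ' negates the line.
    """
    present = {line: False for line in WATCHED}
    for raw in running_config.splitlines():
        line = re.sub(r"\s+", " ", raw.strip())
        negated = line.startswith("no ")
        if negated:
            line = line[3:]
        if line in present:
            present[line] = not negated
    http_on = present["ip http server"]
    https_on = present["ip http secure-server"]
    return {
        "web_ui_enabled": http_on or https_on,
        "http_enabled": http_on,
        "https_enabled": https_on,
        "http_exploitable": http_on and not present["ip http active-session-modules none"],
        "https_exploitable": https_on and not present["ip http secure-active-session-modules none"],
    }


if __name__ == "__main__":
    for key, value in assess_webui_exposure(SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```

On the sample config the script reports the web UI enabled, HTTP still exploitable, and HTTPS not exploitable because of the secure-active-session-modules none line.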

Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.

Cisco has confirmed that this vulnerability does not affect the following Cisco products:

  • IOS Software
  • IOS XR Software
  • Meraki products
  • NX-OS Software
