CVE-2023-20136
Published 2023-06-28. CVE-2023-20136: A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute…
Priority: P3 · Severity: medium · CVSS 3.1 base score 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS: 0.52% (40.0th percentile)
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials.
This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels.
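The defect class described above is an allow-by-default authorization layer: some operations in the API carry a role requirement and some do not, and an unannotated operation falls through to "any authenticated user". The block below is an added illustration, not Cisco's code and not Secure Workload's API; the paths, operationIds and the `x-required-role` extension are constructed for the demonstration. It shows the vulnerable check beside a deny-by-default one, and a spec audit that lists every operation a read-only principal could mutate through, which is the check to run against your own OpenAPI document before the attacker does it for you.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed OpenAPI fragment (hypothetical; not the Cisco Secure Workload spec).
# Role requirements are expressed with a made-up "x-required-role" extension.
SPEC: Dict = {
    "paths": {
        "/labels": {
            "get": {"operationId": "listLabels", "x-required-role": "read-only"},
            "post": {"operationId": "createLabel", "x-required-role": "admin"},
        },
        "/labels/{label_id}": {
            "get": {"operationId": "getLabel", "x-required-role": "read-only"},
            # No role annotation at all: this is the gap the advisory describes.
            "delete": {"operationId": "deleteLabel"},
        },
    }
}

ROLE_RANK = {"read-only": 0, "admin": 1}
SAFE_METHODS = {"get", "head", "options"}  # methods that must not mutate state


def _match_operation(spec: Dict, method: str, path: str) -> Tuple[Optional[str], Optional[Dict]]:
    """Resolve a concrete request path (e.g. /labels/42) to its spec template and operation."""
    for template, ops in spec["paths"].items():
        pattern = "^" + re.sub(r"\{[^/]+\}", r"[^/]+", template) + "$"
        if re.match(pattern, path) and method.lower() in ops:
            return template, ops[method.lower()]
    return None, None


def vulnerable_authorize(spec: Dict, role: str, method: str, path: str) -> bool:
    """Allow-by-default: an operation with no role annotation is open to any authenticated user."""
    _, op = _match_operation(spec, method, path)
    if op is None:
        return False
    required = op.get("x-required-role")
    if required is None:
        return True  # the RBAC gap: unannotated == unrestricted
    return ROLE_RANK.get(role, -1) >= ROLE_RANK[required]


def hardened_authorize(spec: Dict, role: str, method: str, path: str) -> bool:
    """Deny-by-default: an unannotated operation requires the highest role, unknown roles get nothing."""
    _, op = _match_operation(spec, method, path)
    if op is None:
        return False
    required = op.get("x-required-role", "admin")
    return ROLE_RANK.get(role, -1) >= ROLE_RANK[required]


def audit_spec(spec: Dict) -> List[Tuple[str, str, str]]:
    """List (METHOD, path template, reason) for every operation a non-admin could mutate through."""
    findings = []
    for template, ops in spec["paths"].items():
        for method, op in ops.items():
            required = op.get("x-required-role")
            if required is None:
                findings.append((method.upper(), template, "no role annotation"))
            elif method not in SAFE_METHODS and required != "admin":
                findings.append((method.upper(), template, f"mutating method open to {required}"))
    return findings


if __name__ == "__main__":
    # A read-only principal attempting the admin-only label deletion.
    print("vulnerable:", vulnerable_authorize(SPEC, "read-only", "DELETE", "/labels/42"))
    print("hardened:  ", hardened_authorize(SPEC, "read-only", "DELETE", "/labels/42"))
    for finding in audit_spec(SPEC):
        print("audit:", *finding)
```

The audit intentionally flags two distinct conditions: operations with no annotation (the silent fall-through) and mutating methods explicitly granted to a role below admin (which may be intended, but should be a reviewed decision rather than an accident). Running it over a real OpenAPI document, with the role extension mapped to whatever your framework uses, turns the advisory's "certain OpenAPI operations" into a concrete list.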
Affected
Vendor: cisco · Product: cisco_secure_workload · 71 version ranges listed in the source, none with recorded version bounds or fixed-in versions. Consult the Cisco advisory for the fixed releases.
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
| Cisco (vendor) | 3.1 | 4.3 | MEDIUM | not recorded on this page |
NVD rates the integrity impact High; Cisco's own score for the same issue is lower.
Cisco (vendor advisory) · 2023-06-07 · CVSS 4.3 · MEDIUM · CWE-648
Cisco Secure Workload Authenticated OpenAPI Privilege Escalation Vulnerability
Description as above.
Cisco has released software updates that address this vulnerability. Ther
GHSA (unreviewed) · 2023-06-28 · MEDIUM · CWE-269
GHSA-j98g-g34p-r4ch: description as above.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2023-06-28