CVE-2023-20182
published 2023-05-18CVE-2023-20182: Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | catalyst_center | < 2.3.3.7 | 2.3.3.7 |
| cisco | catalyst_center | >= 2.3.4 < 2.3.5.3 | 2.3.5.3 |
| cisco | cisco_digital_network_architecture_center | — | — |
| cisco | dna_center | — | — |