Cisco Releases Security Advisories for Multiple Products


Summary

Five security advisories address vulnerabilities in ISE, Prime Infrastructure, and IOS XE


Threat details

Introduction

Cisco has released security updates for multiple products, including one High impact advisory that addresses a command injection vulnerability in Cisco IOS XE Software, tracked as CVE-2023-20076. The vulnerability affects Cisco devices running Cisco IOS XE Software that have the Cisco IOx feature enabled and do not support native Docker. It could allow an authenticated remote attacker to execute arbitrary commands as root on the underlying host operating system.

Four other Medium impact advisories address six vulnerabilities affecting Cisco ISE, Prime Infrastructure, and RV routers. An unauthenticated remote attacker could exploit some of these vulnerabilities to take control of an affected system.

End-of-life for Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers

Cisco released an advisory for RV series small business routers stating that it will not release any software updates to address the vulnerabilities, as the routers have entered the end-of-life process. Affected organisations are advised to refer to the end-of-life notices for the Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers.


Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories and apply the necessary updates or workarounds.


Remediation steps

Type: Patch
Step: Cisco IOx Application Hosting Environment Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL

Type: Patch
Step: Cisco Identity Services Engine Privilege Escalation Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-os-injection-pxhKsDM

Type: Patch
Step: Cisco Identity Services Engine XML External Entity Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxe-inj-GecEHY58

Type: Aware
Step: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-afu-EXxwA65V

Type: Patch
Step: Cisco Prime Infrastructure Reflected Cross-Site Scripting Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pi-xss-PU6dnfD9


Last edited: 2 February 2023 3:53 pm