{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20004", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.305Z", "datePublished": "2024-11-15T15:23:29.140Z", "dateUpdated": "2024-11-15T15:37:26.021Z"}, "containers": {"cna": {"title": "Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-file-write-rHKwegKf", "name": "cisco-sa-roomos-file-write-rHKwegKf"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-roomos-file-write-rHKwegKf", "discovery": "INTERNAL", "defects": ["CSCwc47206"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Link Resolution Before File Access ('Link Following')", "type": "cwe", "cweId": "CWE-59"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco RoomOS Software", "versions": [{"version": "N/A", "status": "affected"}]}, {"vendor": "Cisco", "product": "Cisco TelePresence Endpoint Software (TC/CE)", "versions": [{"version": "CE9.10.2", "status": "affected"}, {"version": "CE9.1.4", "status": "affected"}, {"version": "CE9.9.3", "status": "affected"}, {"version": "CE9.10.3", "status": "affected"}, {"version": "CE9.1.5", "status": "affected"}, {"version": "CE9.2.4", "status": "affected"}, {"version": "CE9.10.1", "status": "affected"}, {"version": "CE9.13.0", "status": "affected"}, {"version": "CE9.1.2", "status": "affected"}, {"version": "CE9.1.1", "status": "affected"}, {"version": "CE9.9.4", "status": "affected"}, {"version": "CE9.2.1", "status": "affected"}, {"version": "CE9.1.3", "status": "affected"}, {"version": "CE9.0.1", "status": "affected"}, {"version": "CE9.1.6", "status": "affected"}, {"version": "CE9.12.4", "status": "affected"}, {"version": "CE9.2.2", "status": "affected"}, {"version": "CE9.12.3", "status": "affected"}, {"version": "CE9.2.3", "status": "affected"}, {"version": "CE9.13.1", "status": "affected"}, {"version": "CE9.14.3", "status": "affected"}, {"version": "CE9.14.4", "status": "affected"}, {"version": "CE9.13.2", "status": "affected"}, {"version": "CE9.12.5", "status": "affected"}, {"version": "CE9.14.5", "status": "affected"}, {"version": "CE9.15.0.10", "status": "affected"}, {"version": "CE9.15.0.11", "status": "affected"}, {"version": "CE9.13.3", "status": "affected"}, {"version": "CE9.15.0.13", "status": "affected"}, {"version": "CE9.14.6", "status": "affected"}, {"version": "CE9.15.3.17", "status": "affected"}, {"version": "CE9.14.7", "status": "affected"}, {"version": "CE9.15.0.19", "status": "affected"}, {"version": "CE9.15.3.19", "status": "affected"}, {"version": "CE9.15.3.18", "status": "affected"}, {"version": "CE9.15.3.22", "status": "affected"}, {"version": "CE9.15.8.12", "status": "affected"}, {"version": "CE9.15.10.8", "status": "affected"}, {"version": "CE9.15.3.26", "status": "affected"}, {"version": "CE9.15.3.25", "status": "affected"}, {"version": "CE9.15.13.0", "status": "affected"}, {"version": "CE9.15.15.4", "status": "affected"}, {"version": "CE9.15.16.5", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-15T15:23:29.140Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-15T15:37:09.280084Z", "id": "CVE-2023-20004", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T15:37:26.021Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20004", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-15T15:37:09.280084Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T15:37:13.280Z"}}], "cna": {"title": "Cisco TelePresence Collaboration Endpoint and RoomOS Software Arbitrary File Write Vulnerability", "source": {"defects": ["CSCwc47206"], "advisory": "cisco-sa-roomos-file-write-rHKwegKf", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco RoomOS Software", "versions": [{"status": "affected", "version": "N/A"}]}, {"vendor": "Cisco", "product": "Cisco TelePresence Endpoint Software (TC/CE)", "versions": [{"status": "affected", "version": "CE9.10.2"}, {"status": "affected", "version": "CE9.1.4"}, {"status": "affected", "version": "CE9.9.3"}, {"status": "affected", "version": "CE9.10.3"}, {"status": "affected", "version": "CE9.1.5"}, {"status": "affected", "version": "CE9.2.4"}, {"status": "affected", "version": "CE9.10.1"}, {"status": "affected", "version": "CE9.13.0"}, {"status": "affected", "version": "CE9.1.2"}, {"status": "affected", "version": "CE9.1.1"}, {"status": "affected", "version": "CE9.9.4"}, {"status": "affected", "version": "CE9.2.1"}, {"status": "affected", "version": "CE9.1.3"}, {"status": "affected", "version": "CE9.0.1"}, {"status": "affected", "version": "CE9.1.6"}, {"status": "affected", "version": "CE9.12.4"}, {"status": "affected", "version": "CE9.2.2"}, {"status": "affected", "version": "CE9.12.3"}, {"status": "affected", "version": "CE9.2.3"}, {"status": "affected", "version": "CE9.13.1"}, {"status": "affected", "version": "CE9.14.3"}, {"status": "affected", "version": "CE9.14.4"}, {"status": "affected", "version": "CE9.13.2"}, {"status": "affected", "version": "CE9.12.5"}, {"status": "affected", "version": "CE9.14.5"}, {"status": "affected", "version": "CE9.15.0.10"}, {"status": "affected", "version": "CE9.15.0.11"}, {"status": "affected", "version": "CE9.13.3"}, {"status": "affected", "version": "CE9.15.0.13"}, {"status": "affected", "version": "CE9.14.6"}, {"status": "affected", "version": "CE9.15.3.17"}, {"status": "affected", "version": "CE9.14.7"}, {"status": "affected", "version": "CE9.15.0.19"}, {"status": "affected", "version": "CE9.15.3.19"}, {"status": "affected", "version": "CE9.15.3.18"}, {"status": "affected", "version": "CE9.15.3.22"}, {"status": "affected", "version": "CE9.15.8.12"}, {"status": "affected", "version": "CE9.15.10.8"}, {"status": "affected", "version": "CE9.15.3.26"}, {"status": "affected", "version": "CE9.15.3.25"}, {"status": "affected", "version": "CE9.15.13.0"}, {"status": "affected", "version": "CE9.15.15.4"}, {"status": "affected", "version": "CE9.15.16.5"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-file-write-rHKwegKf", "name": "cisco-sa-roomos-file-write-rHKwegKf"}], "descriptions": [{"lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-59", "description": "Improper Link Resolution Before File Access ('Link Following')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-15T15:23:29.140Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20004", "state": "PUBLISHED", "dateUpdated": "2024-11-15T15:37:26.021Z", "dateReserved": "2022-10-27T18:47:50.305Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-11-15T15:23:29.140Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.\r\n\r\nThese vulnerabilities are due to improper access controls on files that are on the local file system. An attacker could exploit these vulnerabilities by placing a symbolic link in a specific location on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device. To exploit these vulnerabilities, an attacker would need to have a remote support user account.\r\nNote: CVE-2023-20092 does not affect Cisco DX70, DX80, TelePresence MX Series, or TelePresence SX Series devices.\r\nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."}, {"lang": "es", "value": "Tres vulnerabilidades en la CLI de Cisco TelePresence CE y RoomOS podr\u00edan permitir que un atacante local autenticado sobrescriba archivos arbitrarios en el sistema de archivos local de un dispositivo afectado. Estas vulnerabilidades se deben a controles de acceso inadecuados en los archivos que se encuentran en el sistema de archivos local. Un atacante podr\u00eda explotar estas vulnerabilidades colocando un enlace simb\u00f3lico en una ubicaci\u00f3n espec\u00edfica en el sistema de archivos local de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante sobrescribir archivos arbitrarios en el dispositivo afectado. Para explotar estas vulnerabilidades, un atacante necesitar\u00eda tener una cuenta de usuario de soporte remoto. Nota: CVE-2023-20092 no afecta a los dispositivos Cisco DX70, DX80, TelePresence MX Series o TelePresence SX Series. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."}], "id": "CVE-2023-20004", "lastModified": "2024-11-18T17:11:56.587", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Primary"}]}, "published": "2024-11-15T16:15:24.657", "references": [{"source": "ykramarz@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-file-write-rHKwegKf"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "ykramarz@cisco.com", "type": "Primary"}]}

{}