Delete http/cves/2023/CVE-2023-20198.yaml
parent
e057567c94
commit
750068a98d
|
@ -1,25 +0,0 @@
|
|||
id: CVE-2023-20198
|
||||
info:
|
||||
name: Cisco IOS XE Privilege Esculation detection
|
||||
author: E1A & rxerium
|
||||
severity: critical
|
||||
description: |
|
||||
A vulnerability in the Web User Interface (Web UI) of Cisco IOS XE software allows an attacker to create an account on the affected device with privilege level 15 access, effectively granting them full control of the compromised device and allowing possible subsequent unauthorized activity.
|
||||
remediation: "Disable the HTTP server feature on internet-facing systems by running one of the following commands in global configuration mode: `no ip http server` or `no ip http secure-server`"
|
||||
reference:
|
||||
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
|
||||
- https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-ios-xe-zero-day-actively-exploited-in-attacks/
|
||||
- https://socradar.io/cisco-warns-of-exploitation-of-a-maximum-severity-zero-day-vulnerability-in-ios-xe-cve-2023-20198/
|
||||
tags: cve,cve2023,cisco
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
- |+
|
||||
POST /webui/logoutconfirm.html?logon_hash=1 HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
matchers:
|
||||
- type: regex
|
||||
part: body
|
||||
regex:
|
||||
- '[0-9a-fA-F]+'
|
Loading…
Reference in New Issue