{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-20115", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.344Z", "datePublished": "2023-08-23T18:20:34.184Z", "dateUpdated": "2024-01-25T16:57:46.171Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:46.171Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability."}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS Software", "versions": [{"version": "9.2(1)", "status": "affected"}, {"version": "9.2(2)", "status": "affected"}, {"version": "9.2(2t)", "status": "affected"}, {"version": "9.2(3)", "status": "affected"}, {"version": "9.2(4)", "status": "affected"}, {"version": "9.2(2v)", "status": "affected"}, {"version": "9.3(1)", "status": "affected"}, {"version": "9.3(2)", "status": "affected"}, {"version": "9.3(3)", "status": "affected"}, {"version": "9.3(4)", "status": "affected"}, {"version": "9.3(5)", "status": "affected"}, {"version": "9.3(6)", "status": "affected"}, {"version": "9.3(7)", "status": "affected"}, {"version": "9.3(7a)", "status": "affected"}, {"version": "9.3(8)", "status": "affected"}, {"version": "9.3(9)", "status": "affected"}, {"version": "9.3(10)", "status": "affected"}, {"version": "9.3(11)", "status": "affected"}, {"version": "10.1(1)", "status": "affected"}, {"version": "10.1(2)", "status": "affected"}, {"version": "10.1(2t)", "status": "affected"}, {"version": "10.2(1)", "status": "affected"}, {"version": "10.2(1q)", "status": "affected"}, {"version": "10.2(2)", "status": "affected"}, {"version": "10.2(3)", "status": "affected"}, {"version": "10.2(3t)", "status": "affected"}, {"version": "10.2(4)", "status": "affected"}, {"version": "10.2(5)", "status": "affected"}, {"version": "10.3(1)", "status": "affected"}, {"version": "10.3(2)", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Lack of Administrator Control over Security", "type": "cwe", "cweId": "CWE-671"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd", "name": "cisco-sa-nxos-sftp-xVAp5Hfd"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-nxos-sftp-xVAp5Hfd", "discovery": "INTERNAL", "defects": ["CSCwe47138"]}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "DD96C7AE-EECC-43F4-9132-1E7F8047C701", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "1D43B9D6-0991-4370-9369-C0A1EDBF6627", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", "matchCriteriaId": "6EB58108-78E4-4208-A549-C86B37422828", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", "matchCriteriaId": "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.2\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "6E2484E7-24ED-4238-8ED3-FFFB7C479F18", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "9A589031-946F-4016-AFC9-92FB033420D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "20FF2A5A-CB80-4F58-856D-724AACB0864C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97A62E0-8A96-43A3-8FB1-FDC1B8A08049", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "2A2F42DB-B22B-4880-BA73-D0E0295190DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "85A8B2D7-BCF2-4B2E-8208-7D2FDF717C65", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "C8A71DEB-93CD-4827-9F9E-3A0DFFAD145A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(7a\\):*:*:*:*:*:*:*", "matchCriteriaId": "E1A56DB8-CDDD-4AB8-8694-B6CC967B7F62", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(8\\):*:*:*:*:*:*:*", "matchCriteriaId": "2B448FDB-C2F5-454F-A275-E985C3FCDBCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(9\\):*:*:*:*:*:*:*", "matchCriteriaId": "1AEE47A7-B23A-4C9A-A25C-0983D94FB569", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(10\\):*:*:*:*:*:*:*", "matchCriteriaId": "350F10D8-221B-4A47-8BF6-CCC421878243", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:9.3\\(11\\):*:*:*:*:*:*:*", "matchCriteriaId": "C0B4E497-95AE-45FC-8F89-A7959CA9AF4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "D7B192CE-F0B4-415F-9A33-B639A7B56ED4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "2A1D6DFF-D8CC-4912-BFE6-8454AB95AD7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.1\\(2t\\):*:*:*:*:*:*:*", "matchCriteriaId": "B6C6D9CC-211B-4CAA-B2AB-16DE5A34E21E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F2DB904E-9FAF-4A23-82E9-367BDBFC57D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(1q\\):*:*:*:*:*:*:*", "matchCriteriaId": "A5736375-4050-40A5-A504-688B182C9A75", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "54AB751B-77DE-4513-B961-378458F74164", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "63AB92C1-D2F7-4025-88B6-EFA1D3C07F8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(3t\\):*:*:*:*:*:*:*", "matchCriteriaId": "305A6637-16EA-4A66-A044-19BE643D6CA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "69C445A7-B836-493D-8056-86D4F31847EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.2\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "C3018A70-3236-4885-8EB1-708442F74981", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F69EF43C-0F06-40B8-94AE-870E182E26CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:10.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "8CE0E36D-08A6-48D5-A364-AC066F30F3CB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "CED628B5-97A8-4B26-AA40-BEC854982157", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", "matchCriteriaId": "652A2849-668D-4156-88FB-C19844A59F33", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA52D5C1-13D8-4D23-B022-954CCEF491F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9232e:-:*:*:*:*:*:*:*", "matchCriteriaId": "83DA8BFA-D7A2-476C-A6F5-CAE610033BC2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "40E40F42-632A-47DF-BE33-DC25B826310B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3h:-:*:*:*:*:*:*:*", "matchCriteriaId": "16C64136-89C2-443C-AF7B-BED81D3DE25A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBEF7F26-BB47-44BD-872E-130820557C23", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "102F91CD-DFB6-43D4-AE5B-DA157A696230", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "5394DE31-3863-4CA9-B7B1-E5227183100D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3h:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6678B8A-D905-447E-BE7E-6BFB4CC5DAFE", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332d-gx2b:-:*:*:*:*:*:*:*", "matchCriteriaId": "02C3CE6D-BD54-48B1-A188-8E53DA001424", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332d-h2r:-:*:*:*:*:*:*:*", "matchCriteriaId": "498991F7-39D6-428C-8C7D-DD8DC72A0346", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "73DC1E93-561E-490C-AE0E-B02BAB9A7C8E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "12DA2DE5-8ADA-4D6A-BC1A-9C06FA163B1C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CF467E2-4567-426E-8F48-39669E0F514C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", "matchCriteriaId": "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9364d-gx2a:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D6DB7F-C025-4971-9615-73393ED61078", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9408:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8D5D5E2-B40B-475D-9EF3-8441016E37E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9804:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10C9C0A-C96A-4B45-90D0-6ED457EB5F4C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9808:-:*:*:*:*:*:*:*", "matchCriteriaId": "3284D16F-3275-4F8D-8AE4-D413DE19C4FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. \r\n\r This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user.\r\n\r There are workarounds that address this vulnerability."}], "id": "CVE-2023-20115", "lastModified": "2024-01-25T17:15:30.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2023-08-23T19:15:07.587", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-671"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}