Cisco IOS XE software vulnerability

Hi Team,

Can you please check this Cisco IOS XE software vulnerability (CVE-2023-20198 is a privilege escalation vulnerability affecting Cisco IOS XE software), which received the highest possible CVSS score of 10?

Is this affecting our Cisco devices or not?

If yes, please share the process to remediate this vulnerability.

3 Replies

We are not sure about this.

Can you please elaborate more on this information?

Hello @yashasvi kesamreddy,

As the security advisory states, all devices running IOS-XE (e.g. switches, routers, access points, etc.) are affected if the HTTP/HTTPS web server is enabled.

Here is a list of devices which use IOS-XE:

Cisco IOS XE - Cisco

In order to be vulnerable, the following commands (or either one of them) must be present in the configuration:

ip http server

ip http secure-server


As the security advisory implies, the vulnerability can be mitigated by disabling this feature (no ip http server / no ip http secure-server) if it is not required. If it is required, then you should block web access to the vulnerable devices from untrusted networks.

Best regards

Igor
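The configuration check and mitigation described in the reply above, as an added example that is not part of the original thread: it scans exported running-config text for the two commands Igor names, honours a later `no ip http ...` line overriding an earlier enable, and emits the corresponding disable commands. The sample configs are constructed, not taken from any real device.

```python
import re

# Constructed running-config excerpts (not from a real device).
VULNERABLE_CONFIG = """\
hostname edge-rtr-1
!
ip http server
ip http secure-server
ip http authentication local
!
line vty 0 4
 transport input ssh
"""

HARDENED_CONFIG = """\
hostname edge-rtr-2
!
no ip http server
no ip http secure-server
!
"""

# Matches exactly the two commands from the thread, with an optional "no".
# "ip http authentication local" and similar lines deliberately do not match.
_HTTP_RE = re.compile(r"^\s*(no\s+)?ip http (secure-server|server)\s*$")


def http_server_state(config_text):
    """Return {'http': bool, 'https': bool}: whether each IOS XE web UI
    listener is enabled in the supplied running-config text. A later line
    for the same listener overrides an earlier one, as IOS applies config
    in order."""
    state = {"http": False, "https": False}
    for line in config_text.splitlines():
        m = _HTTP_RE.match(line)
        if not m:
            continue
        key = "https" if m.group(2) == "secure-server" else "http"
        state[key] = m.group(1) is None  # bare form enables, "no ..." disables
    return state


def remediation_commands(config_text):
    """Disable commands for every enabled listener, per the advisory's
    mitigation when the web UI is not required; empty list means no action."""
    state = http_server_state(config_text)
    cmds = []
    if state["http"]:
        cmds.append("no ip http server")
    if state["https"]:
        cmds.append("no ip http secure-server")
    return cmds
```

Feed it the output of `show running-config` saved to a file; if the web UI must stay enabled, the returned commands are not applicable and restricting access from untrusted networks is the remaining option.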