{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T19:09:26.045","vulnerabilities":[{"cve":{"id":"CVE-2023-20035","sourceIdentifier":"psirt@cisco.com","published":"2023-03-23T17:15:14.030","lastModified":"2024-11-21T07:40:24.403","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-146"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xe_sd-wan:-:*:*:*:*:*:*:*","matchCriteriaId":"16266B9E-E613-45FA-A02B-51EED8BEFCC9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*","matchCriteriaId":"CF365FC4-46E3-4564-9F25-1C2FBE70057B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"A6F668B9-2C1D-4306-8286-35E67D0F67C7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"A2D2305B-B69E-4F74-A44E-07B3205CE9F7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5AAD4397-6DCF-493A-BD61-3A890F6F3AB2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5EB8A757-7888-4AC2-BE44-B89DB83C6C77"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"BB9229F3-7BCE-46C4-9879-D57B5BAAE44E"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B80890A8-E3D3-462C-B125-9E9BC6525B02"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"F3F374DC-B9F7-4515-A064-01BB436CA984"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"D916389F-54DB-44CB-91DD-7CE3C7059350"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"6C8AED7C-DDA3-4C29-BB95-6518C02C551A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"9421DBEF-AE42-4234-B49F-FCC34B804D7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5419CB9F-241F-4431-914F-2659BE27BEA5"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"5720462A-BE6B-4E84-A1A1-01E80BBA86AD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"818CEFA6-208C-43C3-8E43-474A93ADCF21"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"82225D40-537F-41D2-B1C4-1B7D06466B06"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"E8B60888-6E2B-494E-AC65-83337661EE7D"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*","matchCriteriaId":"09C913FF-63D5-43FB-8B39-598EF436BA5A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*","matchCriteriaId":"CD2794BD-C8CE-46EF-9857-1723FCF04E46"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*","matchCriteriaId":"DE7401B7-094C-46EB-9869-2F0372E8B26B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*","matchCriteriaId":"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*","matchCriteriaId":"EE9EABE0-5FB0-4277-A389-87732E750B7C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*","matchCriteriaId":"72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*","matchCriteriaId":"5E7E8914-7B25-4097-8B22-6928C1F03D5A"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*","matchCriteriaId":"B207857B-C483-47DF-9FC7-6A05B866BF60"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*","matchCriteriaId":"CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*","matchCriteriaId":"BDB16CCE-1E89-4707-86C1-97F2FB5B62B9"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*","matchCriteriaId":"7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*","matchCriteriaId":"A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*","matchCriteriaId":"04AB61E9-0148-495E-BD21-64D52DE60A6C"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*","matchCriteriaId":"85D2C587-E95B-4E74-88CF-5930072258D3"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*","matchCriteriaId":"D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*","matchCriteriaId":"74270062-2030-45A0-9C93-C1F3B7C88E8B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*","matchCriteriaId":"0F403859-F034-4DD9-9CA5-708EADECB380"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*","matchCriteriaId":"BF8B0B49-2C99-410B-B011-5B821C5992FB"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-sdwan-VQAhEjYw","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}