{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T23:28:43.903","vulnerabilities":[{"cve":{"id":"CVE-2023-20164","sourceIdentifier":"psirt@cisco.com","published":"2023-05-18T03:15:10.547","lastModified":"2024-11-21T07:40:43.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7","matchCriteriaId":"DDE2869D-6E9E-4717-A8D4-9E3204889F14"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*","matchCriteriaId":"A1063044-BCD7-487F-9880-141C30547E36"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DA42E65A-7207-48B8-BE1B-0B352201BC09"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*","matchCriteriaId":"75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*","matchCriteriaId":"C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*","matchCriteriaId":"2B3A267A-5FEA-426D-903E-BD3F4F94A1A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*","matchCriteriaId":"B1B3207B-1B9C-41AA-8EF6-8478458462E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*","matchCriteriaId":"C5B9E7F3-B0F2-4A6A-B939-A62E9B12CCEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*","matchCriteriaId":"EF4C5A58-D0AE-48D6-9757-18C1D5BE5070"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*","matchCriteriaId":"C4DB9726-532F-45CE-81FD-45F2F6C7CE51"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*","matchCriteriaId":"2E8F0066-0EC0-41FD-80BE-55C4ED5F6B0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*","matchCriteriaId":"5D1765DB-1BEF-4CE9-8B86-B91F709600EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*","matchCriteriaId":"3D1E80EF-C3FD-4F7A-B63D-0EAA5C878B11"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*","matchCriteriaId":"095F27EC-5713-4D4F-AD06-57D3DF068B90"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*","matchCriteriaId":"FEA5210C-E674-4C4B-9EB3-C681C70005B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*","matchCriteriaId":"36722B6C-64A5-4D00-94E1-442878C37A35"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*","matchCriteriaId":"7EEEA06A-AD58-48D3-8975-B21A961985B3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-sRQnsEU9","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-sRQnsEU9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}