CVE-2023-20228 : A vulnerability in the web-based management interface of Cisco Integrated Manage

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.

Published 2023-08-16 21:15:10

Updated 2024-01-25 17:15:39

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2023-20228

Cisco » Ucs-e1120d-m3 Firmware
Versions before (<) 3.2.15.1
cpe:2.3:o:cisco:ucs-e1120d-m3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Ucs-e1120d-m3 » Version: N/A
Cisco » Encs 5100 Firmware
Versions from including (>=) 3.2 and before (<) 3.2.15.1
cpe:2.3:o:cisco:encs_5100_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Encs 5100 » Version: N/A
Cisco » Encs 5400 Firmware
Versions from including (>=) 3.2 and before (<) 3.2.15.1
cpe:2.3:o:cisco:encs_5400_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Encs 5400 » Version: N/A
Cisco » Ucs E160s M3 Firmware
Versions before (<) 3.2.15.1
cpe:2.3:o:cisco:ucs_e160s_m3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Ucs E160s M3 » Version: N/A
Cisco » Ucs E180d M3 Firmware
Versions before (<) 3.2.15.1
cpe:2.3:o:cisco:ucs_e180d_m3_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Ucs E180d M3 » Version: N/A
Cisco » Ucs C220 M5 Rack Server Firmware
Versions from including (>=) 4.2 and before (<) 4.3.2.230207
cpe:2.3:o:cisco:ucs_c220_m5_rack_server_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Ucs C220 M5 Rack Server » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2023-20228

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 21 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-20228

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	N/A	N/A	Cisco:cisco-sa-cimc-xss-UMYtYEtr	2024-02-22
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None
6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None
6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	Cisco Systems, Inc.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2023-20228

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Assigned by: nvd@nist.gov (Primary)
CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages.

Assigned by: ykramarz@cisco.com (Secondary)

References for CVE-2023-20228

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr

Cisco Integrated Management Controller Cross-Site Scripting Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2023-20228

Products affected by CVE-2023-20228

Exploit prediction scoring system (EPSS) score for CVE-2023-20228

CVSS scores for CVE-2023-20228

CWE ids for CVE-2023-20228

References for CVE-2023-20228