How severe is CVE-2023-20253?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2023-20253?

This is classified as CWE-286, which is a common weakness in software security.

CVE-2023-20253 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device. This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system.

Related Vulnerabilities

CVE-2023-3914

MEDIUM

CVSS:5.3(Medium)

A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a n...

CWE-2862023

CVE-2024-29296

MEDIUM

CVSS:5.3(Medium)

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user t...

CWE-2862024

CVE-2024-46671

MEDIUM

CVSS:6.2(Medium)

An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an aut...

CWE-2862024

CVE-2023-51750

MEDIUM

CVSS:4.6(Medium)

ScaleFusion 10.5.2 does not properly limit users to the Edge application because file downloads can occur. NOTE: the vendor's position is "Not vulnerable if the default Windows device profile configur...

CWE-2862023

CVE-2023-3932

MEDIUM

CVSS:6.5(Medium)

An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was...

CWE-2862023

CVE-2024-45425

MEDIUM

CVSS:6.5(Medium)

Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

CWE-2862024