|
현재 자주 악용되고 있는 취약점 목록으로, 취약한 버전의 SW를 사용 중인 경우 긴급 패치를 권고 드립니다.
* 참조 링크 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog
|
cveID
|
vendorProject
|
vulnerabilityName
|
dateAdded
|
shortDescription
|
requiredAction
|
dueDate
|
|
CVE-2023-20198
|
Cisco
|
Cisco IOS XE Web UI Privilege Escalation Vulnerability
|
2023-10-16
|
Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.
|
Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
|
2023-10-20
|
|