NVD - CVE-2023-20046

Vulnerability Change Records for CVE-2023-20046

Change History

Initial Analysis by NIST 5/17/2023 2:11:46 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:staros::::::::* versions up to (excluding) 21.22.14 cpe:2.3:o:cisco:staros::::::::* versions from (including) 21.23.0 up to (excluding) 21.23.31 cpe:2.3:o:cisco:staros:21.23.n::::::: cpe:2.3:o:cisco:staros:21.24::::::: cpe:2.3:o:cisco:staros::::::::* versions from (including) 21.25.0 up to (excluding) 21.25.15 cpe:2.3:o:cisco:staros::::::::* versions from (including) 21.26.0 up to (excluding) 21.26.17 cpe:2.3:o:cisco:staros::::::::* versions from (including) 21.27.0 up to (excluding) 21.27.6 cpe:2.3:o:cisco:staros:21.27.m::::::: cpe:2.3:o:cisco:staros::::::::* versions from (including) 21.28.0 up to (excluding) 21.28.3 cpe:2.3:o:cisco:staros:21.28.m::::::: OR cpe:2.3:h:cisco:asr_5000:-:::::::* cpe:2.3:h:cisco:asr_5500:-:::::::* cpe:2.3:h:cisco:asr_5700:-:::::::* cpe:2.3:h:cisco:vpc-di:-:::::::* cpe:2.3:h:cisco:vpc-si:-:::::::*
Added	CVSS V3.1		NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-522
Changed	Reference Type	https://github.com/orangecertcc/security-research/security/advisories/GHSA-j7p3-gjw6-pp4r No Types Assigned	https://github.com/orangecertcc/security-research/security/advisories/GHSA-j7p3-gjw6-pp4r Third Party Advisory
Changed	Reference Type	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h No Types Assigned	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h Vendor Advisory