CVE-2023-20038

{"id": "CVE-2023-20038", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}]}, "published": "2023-01-20T07:15:15.493", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-fZyVjJtG", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ind-fZyVjJtG", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-321"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems.\r\n\r This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director."}, {"lang": "es", "value": "Una vulnerabilidad en la aplicaci\u00f3n de monitoreo de Cisco Industrial Network Director podr\u00eda permitir que un atacante local autenticado acceda a una clave secreta est\u00e1tica utilizada para almacenar datos locales y credenciales para acceder a sistemas remotos. Esta vulnerabilidad se debe a un valor de clave est\u00e1tica almacenado en la aplicaci\u00f3n que se utiliza para cifrar los datos de la aplicaci\u00f3n y las credenciales remotas. Un atacante podr\u00eda aprovechar esta vulnerabilidad obteniendo acceso local al servidor en el que est\u00e1 instalado Cisco Industrial Network Director. Un exploit exitoso podr\u00eda permitir al atacante descifrar datos, lo que le permitir\u00eda acceder a sistemas remotos monitoreados por Cisco Industrial Network Director."}], "lastModified": "2024-11-21T07:40:24.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:industrial_network_director:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA14F071-EA44-4A75-B5F0-2C82E68C972F", "versionEndExcluding": "1.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}