CVE-2023-20066

6.5

MEDIUM

Cisco IOS XE Web UI Directory Traversal Vulnerability

Description

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.

INFO

Published Date :

March 23, 2023, 5:15 p.m.

Last Modified :

Nov. 21, 2024, 7:40 a.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

2.8

Affected Products

The following products are affected by CVE-2023-20066 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Cisco	ios_xe
2	Cisco	catalyst_8500
3	Cisco	catalyst_8510csr
4	Cisco	catalyst_8510msr
5	Cisco	catalyst_8540csr
6	Cisco	catalyst_8540msr
7	Cisco	asr_1001
8	Cisco	asr_1002
9	Cisco	asr_1002-x
10	Cisco	asr_1004
11	Cisco	asr_1006
12	Cisco	asr_1013
13	Cisco	asr_9001
14	Cisco	asr_9006
15	Cisco	asr_9010
16	Cisco	asr_9904
17	Cisco	asr_9912
18	Cisco	asr_9922
19	Cisco	catalyst_3850
20	Cisco	catalyst_3850-12s-e
21	Cisco	catalyst_3850-12s-s
22	Cisco	catalyst_3850-12x48u
23	Cisco	catalyst_3850-12xs-e
24	Cisco	catalyst_3850-12xs-s
25	Cisco	catalyst_3850-16xs-e
26	Cisco	catalyst_3850-16xs-s
27	Cisco	catalyst_3850-24p-e
28	Cisco	catalyst_3850-24p-l
29	Cisco	catalyst_3850-24p-s
30	Cisco	catalyst_3850-24pw-s
31	Cisco	catalyst_3850-24s-e
32	Cisco	catalyst_3850-24s-s
33	Cisco	catalyst_3850-24t-e
34	Cisco	catalyst_3850-24t-l
35	Cisco	catalyst_3850-24t-s
36	Cisco	catalyst_3850-24u
37	Cisco	catalyst_3850-24u-e
38	Cisco	catalyst_3850-24u-l
39	Cisco	catalyst_3850-24u-s
40	Cisco	catalyst_3850-24xs
41	Cisco	catalyst_3850-24xs-e
42	Cisco	catalyst_3850-24xs-s
43	Cisco	catalyst_3850-24xu
44	Cisco	catalyst_3850-24xu-e
45	Cisco	catalyst_3850-24xu-l
46	Cisco	catalyst_3850-24xu-s
47	Cisco	catalyst_3850-32xs-e
48	Cisco	catalyst_3850-32xs-s
49	Cisco	catalyst_3850-48f-e
50	Cisco	catalyst_3850-48f-l
51	Cisco	catalyst_3850-48f-s
52	Cisco	catalyst_3850-48p-e
53	Cisco	catalyst_3850-48p-l
54	Cisco	catalyst_3850-48p-s
55	Cisco	catalyst_3850-48pw-s
56	Cisco	catalyst_3850-48t-e
57	Cisco	catalyst_3850-48t-l
58	Cisco	catalyst_3850-48t-s
59	Cisco	catalyst_3850-48u
60	Cisco	catalyst_3850-48u-e
61	Cisco	catalyst_3850-48u-l
62	Cisco	catalyst_3850-48u-s
63	Cisco	catalyst_3850-48xs
64	Cisco	catalyst_3850-48xs-e
65	Cisco	catalyst_3850-48xs-f-e
66	Cisco	catalyst_3850-48xs-f-s
67	Cisco	catalyst_3850-48xs-s
68	Cisco	catalyst_3850-nm-2-40g
69	Cisco	catalyst_3850-nm-8-10g
70	Cisco	8201
71	Cisco	8202
72	Cisco	1100-4g_integrated_services_router
73	Cisco	1100-4p_integrated_services_router
74	Cisco	1100-6g_integrated_services_router
75	Cisco	1100-8p_integrated_services_router
76	Cisco	1100_integrated_services_router
77	Cisco	1101-4p_integrated_services_router
78	Cisco	1101_integrated_services_router
79	Cisco	1109-2p_integrated_services_router
80	Cisco	1109-4p_integrated_services_router
81	Cisco	1109_integrated_services_router
82	Cisco	1111x-8p_integrated_services_router
83	Cisco	111x_integrated_services_router
84	Cisco	1120_integrated_services_router
85	Cisco	1131_integrated_services_router
86	Cisco	1160_integrated_services_router
87	Cisco	4000_integrated_services_router
88	Cisco	4221_integrated_services_router
89	Cisco	8101-32fh
90	Cisco	8101-32h
91	Cisco	8102-64h
92	Cisco	8201-32fh
93	Cisco	8800_12-slot
94	Cisco	8800_18-slot
95	Cisco	8800_4-slot
96	Cisco	8800_8-slot
97	Cisco	8804
98	Cisco	8808
99	Cisco	8812
100	Cisco	8818
101	Cisco	9800-40
102	Cisco	9800-80
103	Cisco	9800-cl
104	Cisco	9800-l
105	Cisco	asr_1000
106	Cisco	asr_1000-esp100
107	Cisco	asr_1000-esp100-x
108	Cisco	asr_1000-esp200-x
109	Cisco	asr_1001-hx
110	Cisco	asr_1001-hx_r
111	Cisco	asr_1001-x
112	Cisco	asr_1001-x_r
113	Cisco	asr_1002-hx
114	Cisco	asr_1002-hx_r
115	Cisco	asr_1002-x_r
116	Cisco	asr_1006-x
117	Cisco	asr_1009-x
118	Cisco	asr_1023
119	Cisco	asr_900
120	Cisco	asr_9000
121	Cisco	asr_9000v
122	Cisco	asr_901-12c-f-d
123	Cisco	asr_901-12c-ft-d
124	Cisco	asr_901-4c-f-d
125	Cisco	asr_901-4c-ft-d
126	Cisco	asr_901-6cz-f-a
127	Cisco	asr_901-6cz-f-d
128	Cisco	asr_901-6cz-fs-a
129	Cisco	asr_901-6cz-fs-d
130	Cisco	asr_901-6cz-ft-a
131	Cisco	asr_901-6cz-ft-d
132	Cisco	asr_901s-2sg-f-ah
133	Cisco	asr_901s-2sg-f-d
134	Cisco	asr_901s-3sg-f-ah
135	Cisco	asr_901s-3sg-f-d
136	Cisco	asr_901s-4sg-f-d
137	Cisco	asr_902
138	Cisco	asr_902u
139	Cisco	asr_903
140	Cisco	asr_907
141	Cisco	asr_914
142	Cisco	asr_920-10sz-pd
143	Cisco	asr_920-10sz-pd_r
144	Cisco	asr_920-12cz-a
145	Cisco	asr_920-12cz-a_r
146	Cisco	asr_920-12cz-d
147	Cisco	asr_920-12cz-d_r
148	Cisco	asr_920-12sz-im
149	Cisco	asr_920-12sz-im_r
150	Cisco	asr_920-24sz-im
151	Cisco	asr_920-24sz-im_r
152	Cisco	asr_920-24sz-m
153	Cisco	asr_920-24sz-m_r
154	Cisco	asr_920-24tz-m
155	Cisco	asr_920-24tz-m_r
156	Cisco	asr_920-4sz-a
157	Cisco	asr_920-4sz-a_r
158	Cisco	asr_920-4sz-d
159	Cisco	asr_920-4sz-d_r
160	Cisco	asr_920u-12sz-im
161	Cisco	asr_9901
162	Cisco	asr_9902
163	Cisco	asr_9903
164	Cisco	asr_9906
165	Cisco	asr_9910
166	Cisco	asr_9920
167	Cisco	catalyst_8200
168	Cisco	catalyst_8300
169	Cisco	catalyst_8300-1n1s-4t2x
170	Cisco	catalyst_8300-1n1s-6t
171	Cisco	catalyst_8300-2n2s-4t2x
172	Cisco	catalyst_8300-2n2s-6t
173	Cisco	catalyst_8500-4qc
174	Cisco	catalyst_8500l
175	Cisco	catalyst_9200
176	Cisco	catalyst_9200cx
177	Cisco	catalyst_9200l
178	Cisco	catalyst_9300
179	Cisco	catalyst_9300-24p-a
180	Cisco	catalyst_9300-24p-e
181	Cisco	catalyst_9300-24s-a
182	Cisco	catalyst_9300-24s-e
183	Cisco	catalyst_9300-24t-a
184	Cisco	catalyst_9300-24t-e
185	Cisco	catalyst_9300-24u-a
186	Cisco	catalyst_9300-24u-e
187	Cisco	catalyst_9300-24ux-a
188	Cisco	catalyst_9300-24ux-e
189	Cisco	catalyst_9300-48p-a
190	Cisco	catalyst_9300-48p-e
191	Cisco	catalyst_9300-48s-a
192	Cisco	catalyst_9300-48s-e
193	Cisco	catalyst_9300-48t-a
194	Cisco	catalyst_9300-48t-e
195	Cisco	catalyst_9300-48u-a
196	Cisco	catalyst_9300-48u-e
197	Cisco	catalyst_9300-48un-a
198	Cisco	catalyst_9300-48un-e
199	Cisco	catalyst_9300-48uxm-a
200	Cisco	catalyst_9300-48uxm-e
201	Cisco	catalyst_9300l
202	Cisco	catalyst_9300l-24p-4g-a
203	Cisco	catalyst_9300l-24p-4g-e
204	Cisco	catalyst_9300l-24p-4x-a
205	Cisco	catalyst_9300l-24p-4x-e
206	Cisco	catalyst_9300l-24t-4g-a
207	Cisco	catalyst_9300l-24t-4g-e
208	Cisco	catalyst_9300l-24t-4x-a
209	Cisco	catalyst_9300l-24t-4x-e
210	Cisco	catalyst_9300l-48p-4g-a
211	Cisco	catalyst_9300l-48p-4g-e
212	Cisco	catalyst_9300l-48p-4x-a
213	Cisco	catalyst_9300l-48p-4x-e
214	Cisco	catalyst_9300l-48t-4g-a
215	Cisco	catalyst_9300l-48t-4g-e
216	Cisco	catalyst_9300l-48t-4x-a
217	Cisco	catalyst_9300l-48t-4x-e
218	Cisco	catalyst_9300l_stack
219	Cisco	catalyst_9300lm
220	Cisco	catalyst_9300x
221	Cisco	catalyst_9500
222	Cisco	catalyst_9500h
223	Cisco	catalyst_9600
224	Cisco	catalyst_9600_supervisor_engine-1
225	Cisco	catalyst_9600x
226	Cisco	catalyst_9800
227	Cisco	catalyst_9800-40
228	Cisco	catalyst_9800-40_wireless_controller
229	Cisco	catalyst_9800-80
230	Cisco	catalyst_9800-80_wireless_controller
231	Cisco	catalyst_9800-cl
232	Cisco	catalyst_9800-l
233	Cisco	catalyst_9800-l-c
234	Cisco	catalyst_9800-l-f
235	Cisco	catalyst_9800_embedded_wireless_controller
236	Cisco	catalyst_ie3200_rugged_switch
237	Cisco	catalyst_ie3300_rugged_switch
238	Cisco	1000_integrated_services_router
239	Cisco	1111x_integrated_services_router
240	Cisco	4321_integrated_services_router
241	Cisco	4331_integrated_services_router
242	Cisco	4351_integrated_services_router
243	Cisco	4431_integrated_services_router
244	Cisco	4451-x_integrated_services_router
245	Cisco	4451_integrated_services_router
246	Cisco	4461_integrated_services_router
247	Cisco	integrated_services_virtual_router
248	Cisco	catalyst_ie3400_heavy_duty_switch
249	Cisco	catalyst_ie3400_rugged_switch
250	Cisco	catalyst_ie9300
251	Cisco	8831
252	Cisco	catalyst_9400
253	Cisco	catalyst_9400_supervisor_engine-1
254	Cisco	catalyst_9407r
255	Cisco	catalyst_9410r
256	Cisco	esr6300
257	Cisco	cbr-8
258	Cisco	ess-3300-24t-con-a
259	Cisco	ess-3300-24t-con-e
260	Cisco	ess-3300-24t-ncp-a
261	Cisco	ess-3300-24t-ncp-e
262	Cisco	ess-3300-con-a
263	Cisco	ess-3300-con-e
264	Cisco	ess-3300-ncp-a
265	Cisco	ess-3300-ncp-e
266	Cisco	catalyst_ie3200
267	Cisco	catalyst_ie3300
268	Cisco	catalyst_ie3400
269	Cisco	cg418-e
270	Cisco	cg522-e
271	Cisco	ess9300-10x-e

: Total Affected Vendor : 1 | Products : 271

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-20066.

URL	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V	Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V	Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-20066 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-20066 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

Nov. 21, 2024

Action	Type	Old Value	New Value
Added	Reference		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Nov. 07, 2023

Action	Type	Old Value	New Value
Removed	CVSS V3	Cisco Systems, Inc. AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Added	CVSS V3.1		Cisco Systems, Inc. AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4221:-:::::::	OR cpe:2.3:h:cisco:4221_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4331:-:::::::	OR cpe:2.3:h:cisco:4331_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4000:-:::::::	OR cpe:2.3:h:cisco:4000_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1000:-:::::::	OR cpe:2.3:h:cisco:1000_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4321:-:::::::	OR cpe:2.3:h:cisco:4321_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4351:-:::::::	OR cpe:2.3:h:cisco:4351_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1111x-8p:-:::::::	OR cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1100-8p:-:::::::	OR cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1100-4p:-:::::::	OR cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1101-4p:-:::::::	OR cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1109-4p:-:::::::	OR cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1109-2p:-:::::::	OR cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4431:-:::::::	OR cpe:2.3:h:cisco:4431_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4461:-:::::::	OR cpe:2.3:h:cisco:4461_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1100:-:::::::	OR cpe:2.3:h:cisco:1100_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1101:-:::::::	OR cpe:2.3:h:cisco:1101_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1109:-:::::::	OR cpe:2.3:h:cisco:1109_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_111x:-:::::::	OR cpe:2.3:h:cisco:111x_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1111x:-:::::::	OR cpe:2.3:h:cisco:1111x_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1120:-:::::::	OR cpe:2.3:h:cisco:1120_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1160:-:::::::	OR cpe:2.3:h:cisco:1160_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4451-x:-:::::::	OR cpe:2.3:h:cisco:4451-x_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_4451:-:::::::	OR cpe:2.3:h:cisco:4451_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1100-4g:-:::::::	OR cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1100-6g:-:::::::	OR cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:::::::

CPE Deprecation Remap by [email protected]

May. 22, 2023

Action	Type	Old Value	New Value
Changed	CPE Configuration	OR cpe:2.3:h:cisco:isr_1131:-:::::::	OR cpe:2.3:h:cisco:1131_integrated_services_router:-:::::::

Initial Analysis by [email protected]

Mar. 30, 2023

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Changed	Reference Type	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V No Types Assigned	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V Vendor Advisory
Added	CWE		NIST CWE-22
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xe:16.12.3::::::: cpe:2.3:o:cisco:ios_xe:17.3.2::::::: cpe:2.3:o:cisco:ios_xe:17.6.2::::::: OR cpe:2.3:h:cisco:8101-32fh:-:::::::* cpe:2.3:h:cisco:8101-32h:-:::::::* cpe:2.3:h:cisco:8102-64h:-:::::::* cpe:2.3:h:cisco:8201:-:::::::* cpe:2.3:h:cisco:8201-32fh:-:::::::* cpe:2.3:h:cisco:8202:-:::::::* cpe:2.3:h:cisco:8800_12-slot:-:::::::* cpe:2.3:h:cisco:8800_18-slot:-:::::::* cpe:2.3:h:cisco:8800_4-slot:-:::::::* cpe:2.3:h:cisco:8800_8-slot:-:::::::* cpe:2.3:h:cisco:8804:-:::::::* cpe:2.3:h:cisco:8808:-:::::::* cpe:2.3:h:cisco:8812:-:::::::* cpe:2.3:h:cisco:8818:-:::::::* cpe:2.3:h:cisco:8831:-:::::::* cpe:2.3:h:cisco:9800-40:-:::::::* cpe:2.3:h:cisco:9800-80:-:::::::* cpe:2.3:h:cisco:9800-cl:-:::::::* cpe:2.3:h:cisco:9800-l:-:::::::* cpe:2.3:h:cisco:asr_1000:-:::::::* cpe:2.3:h:cisco:asr_1000-esp100:-:::::::* cpe:2.3:h:cisco:asr_1000-esp100-x:-:::::::* cpe:2.3:h:cisco:asr_1000-esp200-x:-:::::::* cpe:2.3:h:cisco:asr_1001:-:::::::* cpe:2.3:h:cisco:asr_1001-hx:-:::::::* cpe:2.3:h:cisco:asr_1001-hx_r:-:::::::* cpe:2.3:h:cisco:asr_1001-x:-:::::::* cpe:2.3:h:cisco:asr_1001-x_r:-:::::::* cpe:2.3:h:cisco:asr_1002:-:::::::* cpe:2.3:h:cisco:asr_1002-hx:-:::::::* cpe:2.3:h:cisco:asr_1002-hx_r:-:::::::* cpe:2.3:h:cisco:asr_1002-x:-:::::::* cpe:2.3:h:cisco:asr_1002-x_r:-:::::::* cpe:2.3:h:cisco:asr_1004:-:::::::* cpe:2.3:h:cisco:asr_1006:-:::::::* cpe:2.3:h:cisco:asr_1006-x:-:::::::* cpe:2.3:h:cisco:asr_1009-x:-:::::::* cpe:2.3:h:cisco:asr_1013:-:::::::* cpe:2.3:h:cisco:asr_1023:-:::::::* cpe:2.3:h:cisco:asr_900:-:::::::* cpe:2.3:h:cisco:asr_9000:-:::::::* cpe:2.3:h:cisco:asr_9000v:-:::::::* cpe:2.3:h:cisco:asr_9000v:v2:::::::* cpe:2.3:h:cisco:asr_9001:-:::::::* cpe:2.3:h:cisco:asr_9006:-:::::::* cpe:2.3:h:cisco:asr_901-12c-f-d:-:::::::* cpe:2.3:h:cisco:asr_901-12c-ft-d:-:::::::* cpe:2.3:h:cisco:asr_901-4c-f-d:-:::::::* cpe:2.3:h:cisco:asr_901-4c-ft-d:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-f-a:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-f-d:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:::::::* cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:::::::* cpe:2.3:h:cisco:asr_9010:-:::::::* cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:::::::* cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:::::::* cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:::::::* cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:::::::* cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:::::::* cpe:2.3:h:cisco:asr_902:-:::::::* cpe:2.3:h:cisco:asr_902u:-:::::::* cpe:2.3:h:cisco:asr_903:-:::::::* cpe:2.3:h:cisco:asr_907:-:::::::* cpe:2.3:h:cisco:asr_914:-:::::::* cpe:2.3:h:cisco:asr_920-10sz-pd:-:::::::* cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:::::::* cpe:2.3:h:cisco:asr_920-12cz-a:-:::::::* cpe:2.3:h:cisco:asr_920-12cz-a_r:-:::::::* cpe:2.3:h:cisco:asr_920-12cz-d:-:::::::* cpe:2.3:h:cisco:asr_920-12cz-d_r:-:::::::* cpe:2.3:h:cisco:asr_920-12sz-im:-:::::::* cpe:2.3:h:cisco:asr_920-12sz-im_r:-:::::::* cpe:2.3:h:cisco:asr_920-24sz-im:-:::::::* cpe:2.3:h:cisco:asr_920-24sz-im_r:-:::::::* cpe:2.3:h:cisco:asr_920-24sz-m:-:::::::* cpe:2.3:h:cisco:asr_920-24sz-m_r:-:::::::* cpe:2.3:h:cisco:asr_920-24tz-m:-:::::::* cpe:2.3:h:cisco:asr_920-24tz-m_r:-:::::::* cpe:2.3:h:cisco:asr_920-4sz-a:-:::::::* cpe:2.3:h:cisco:asr_920-4sz-a_r:-:::::::* cpe:2.3:h:cisco:asr_920-4sz-d:-:::::::* cpe:2.3:h:cisco:asr_920-4sz-d_r:-:::::::* cpe:2.3:h:cisco:asr_920u-12sz-im:-:::::::* cpe:2.3:h:cisco:asr_9901:-:::::::* cpe:2.3:h:cisco:asr_9902:-:::::::* cpe:2.3:h:cisco:asr_9903:-:::::::* cpe:2.3:h:cisco:asr_9904:-:::::::* cpe:2.3:h:cisco:asr_9906:-:::::::* cpe:2.3:h:cisco:asr_9910:-:::::::* cpe:2.3:h:cisco:asr_9912:-:::::::* cpe:2.3:h:cisco:asr_9920:-:::::::* cpe:2.3:h:cisco:asr_9922:-:::::::* cpe:2.3:h:cisco:catalyst_3850:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12x48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24s-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48p-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48t-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-l:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48u-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:::::::* cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:::::::* cpe:2.3:h:cisco:catalyst_8200:-:::::::* cpe:2.3:h:cisco:catalyst_8300:-:::::::* cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:::::::* cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:::::::* cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:::::::* cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:::::::* cpe:2.3:h:cisco:catalyst_8500:-:::::::* cpe:2.3:h:cisco:catalyst_8500-4qc:-:::::::* cpe:2.3:h:cisco:catalyst_8500l:-:::::::* cpe:2.3:h:cisco:catalyst_8510csr:-:::::::* cpe:2.3:h:cisco:catalyst_8510msr:-:::::::* cpe:2.3:h:cisco:catalyst_8540csr:-:::::::* cpe:2.3:h:cisco:catalyst_8540msr:-:::::::* cpe:2.3:h:cisco:catalyst_9200:-:::::::* cpe:2.3:h:cisco:catalyst_9200cx:-:::::::* cpe:2.3:h:cisco:catalyst_9200l:-:::::::* cpe:2.3:h:cisco:catalyst_9300:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24p-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24p-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24s-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24s-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24t-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24t-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24u-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24u-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48p-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48p-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48s-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48s-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48t-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48t-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48u-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48u-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48un-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48un-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:::::::* cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:::::::* cpe:2.3:h:cisco:catalyst_9300l_stack:-:::::::* cpe:2.3:h:cisco:catalyst_9300lm:-:::::::* cpe:2.3:h:cisco:catalyst_9300x:-:::::::* cpe:2.3:h:cisco:catalyst_9400:-:::::::* cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:::::::* cpe:2.3:h:cisco:catalyst_9407r:-:::::::* cpe:2.3:h:cisco:catalyst_9410r:-:::::::* cpe:2.3:h:cisco:catalyst_9500:-:::::::* cpe:2.3:h:cisco:catalyst_9500h:-:::::::* cpe:2.3:h:cisco:catalyst_9600:-:::::::* cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:::::::* cpe:2.3:h:cisco:catalyst_9600x:-:::::::* cpe:2.3:h:cisco:catalyst_9800:-:::::::* cpe:2.3:h:cisco:catalyst_9800-40:-:::::::* cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:::::::* cpe:2.3:h:cisco:catalyst_9800-80:-:::::::* cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:::::::* cpe:2.3:h:cisco:catalyst_9800-cl:-:::::::* cpe:2.3:h:cisco:catalyst_9800-l:-:::::::* cpe:2.3:h:cisco:catalyst_9800-l-c:-:::::::* cpe:2.3:h:cisco:catalyst_9800-l-f:-:::::::* cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:::::::* cpe:2.3:h:cisco:catalyst_ie3200:-:::::::* cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:::::::* cpe:2.3:h:cisco:catalyst_ie3300:-:::::::* cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:::::::* cpe:2.3:h:cisco:catalyst_ie3400:-:::::::* cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:::::::* cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:::::::* cpe:2.3:h:cisco:catalyst_ie9300:-:::::::* cpe:2.3:h:cisco:cbr-8:-:::::::* cpe:2.3:h:cisco:cg418-e:-:::::::* cpe:2.3:h:cisco:cg522-e:-:::::::* cpe:2.3:h:cisco:esr6300:-:::::::* cpe:2.3:h:cisco:ess-3300-24t-con-a:-:::::::* cpe:2.3:h:cisco:ess-3300-24t-con-e:-:::::::* cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:::::::* cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:::::::* cpe:2.3:h:cisco:ess-3300-con-a:-:::::::* cpe:2.3:h:cisco:ess-3300-con-e:-:::::::* cpe:2.3:h:cisco:ess-3300-ncp-a:-:::::::* cpe:2.3:h:cisco:ess-3300-ncp-e:-:::::::* cpe:2.3:h:cisco:ess9300-10x-e:-:::::::* cpe:2.3:h:cisco:integrated_services_virtual_router:-:::::::* cpe:2.3:h:cisco:isr_1000:-:::::::* cpe:2.3:h:cisco:isr_1100:-:::::::* cpe:2.3:h:cisco:isr_1100-4g:-:::::::* cpe:2.3:h:cisco:isr_1100-4p:-:::::::* cpe:2.3:h:cisco:isr_1100-6g:-:::::::* cpe:2.3:h:cisco:isr_1100-8p:-:::::::* cpe:2.3:h:cisco:isr_1101:-:::::::* cpe:2.3:h:cisco:isr_1101-4p:-:::::::* cpe:2.3:h:cisco:isr_1109:-:::::::* cpe:2.3:h:cisco:isr_1109-2p:-:::::::* cpe:2.3:h:cisco:isr_1109-4p:-:::::::* cpe:2.3:h:cisco:isr_1111x:-:::::::* cpe:2.3:h:cisco:isr_1111x-8p:-:::::::* cpe:2.3:h:cisco:isr_111x:-:::::::* cpe:2.3:h:cisco:isr_1120:-:::::::* cpe:2.3:h:cisco:isr_1131:-:::::::* cpe:2.3:h:cisco:isr_1160:-:::::::* cpe:2.3:h:cisco:isr_4000:-:::::::* cpe:2.3:h:cisco:isr_4221:-:::::::* cpe:2.3:h:cisco:isr_4321:-:::::::* cpe:2.3:h:cisco:isr_4331:-:::::::* cpe:2.3:h:cisco:isr_4351:-:::::::* cpe:2.3:h:cisco:isr_4431:-:::::::* cpe:2.3:h:cisco:isr_4451:-:::::::* cpe:2.3:h:cisco:isr_4451-x:-:::::::* cpe:2.3:h:cisco:isr_4461:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-20066 is associated with the following CWEs:

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23: Relative Path Traversal

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-20066 weaknesses.

CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic Using Slashes and URL Encoding Combined to Bypass Validation Logic CAPEC-76: Manipulating Web Input to File System Calls Manipulating Web Input to File System Calls CAPEC-78: Using Escaped Slashes in Alternate Encoding Using Escaped Slashes in Alternate Encoding CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-126: Path Traversal Path Traversal CAPEC-76: Manipulating Web Input to File System Calls Manipulating Web Input to File System Calls CAPEC-139: Relative Path Traversal Relative Path Traversal

CVE-2023-20066

Cisco IOS XE Web UI Directory Traversal Vulnerability

Description

INFO

March 23, 2023, 5:15 p.m.

Nov. 21, 2024, 7:40 a.m.

[email protected]

Yes !

3.6

2.8

Affected Products

References to Advisories, Solutions, and Tools

CVE Modified by af854a3a-2127-422b-91ae-364da2661108

CVE Modified by [email protected]

CVE Modified by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

CPE Deprecation Remap by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

0.11 }} 0.01%

0.44763

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable