March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewertz Threat Advisory – Multiple Cisco Secure Client Vulnerabilities
November 16, 2023Rewertz Threat Advisory – Multiple Cisco Identity Services Engine Vulnerabilities
November 16, 2023Rewertz Threat Advisory – Multiple Cisco Secure Client Vulnerabilities
November 16, 2023Rewertz Threat Advisory – Multiple Cisco Identity Services Engine Vulnerabilities
November 16, 2023
Severity
Medium
Analysis Summary
CVE-2023-20084 CVSS: 5.0
Cisco Secure Endpoint for Windows is vulnerable to a denial of service, caused by a timing issue occurs between various software components. By persuading a victim to put and execute a specially crafted file in a specific folder within a limited time window, a local authenticated attacker could exploit this vulnerability to cause the endpoint software to fail to quarantine the malicious file or kill its process.
CVE-2023-20265 CVSS: 5.5
Cisco IP Phone is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-20274 CVSS: 6.3
Cisco AppDynamics PHP Agent could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an insufficient permission issue set by the PHP Agent Installer on the PHP Agent install directory. By modifying objects in the PHP Agent install directory, an authenticated attacker could exploit this vulnerability to gain elevated privileges to root on the system.
Impact
- Cross-Site Scripting
- Denial of Service
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-20084
- CVE-2023-20265
- CVE-2023-20274
Affected Vendors
Cisco
Affected Products
- Cisco AppDynamics PHP Agent
- Cisco IP DECT 110 Single-Cell Base Station with Multiplatform Firmware
- Cisco IP DECT 210 Multi-Cell Base Station with Multiplatform Firmware
- Cisco Unified SIP Phone 3905
- Cisco Unified IP Phone 6901
- Cisco Secure Endpoint Private Cloud
- Cisco Secure Endpoint Connector for Windows
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.