Authentication Bypass by Alternate Name

CVE-2023-20046

High

8.8/10

Summary

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-289 - Authentication Bypass by Alternate Name

The software performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.

References

Advisory Timeline

Published May 09, 2023

Authentication Bypass by Alternate Name

CVE-2023-20046

Summary

CWE-289 - Authentication Bypass by Alternate Name

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS