Local Authenticated File Permission Bypass in Cisco IND
CVE-2023-20039 Published on November 15, 2024
Cisco Industrial Network Director File Permissions
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application data.
This vulnerability is due to insufficient default file permissions that are applied to the application data directory. An attacker could exploit this vulnerability by accessing files in the application data directory. A successful exploit could allow the attacker to view sensitive information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Vulnerability Analysis
CVE-2023-20039 can be exploited with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.
Weakness Type
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be. Web servers, FTP servers, and similar servers may store a set of files underneath a "root" directory that is accessible to the server's users. Applications may store sensitive files underneath this root without also using access control to limit which users may request those files, if any. Alternately, an application might package multiple files or directories into an archive file (e.g., ZIP or tar), but the application might not exclude sensitive files that are underneath those directories.
Products Associated with CVE-2023-20039
Affected Versions
Cisco Industrial Network Director:
- Version 1.3.1 is affected.
- Version 1.6.0 is affected.
- Version 1.7.0 is affected.
- Version 1.6.1 is affected.
- Version 1.5.1 is affected.
- Version 1.2.0 is affected.
- Version 1.0.1 is affected.
- Version 1.8.0 is affected.
- Version 1.0.0 is affected.
- Version 1.3.0 is affected.
- Version 1.7.1 is affected.
- Version 1.5.0 is affected.
- Version 1.1.0 is affected.
- Version 1.4.0 is affected.
- Version 1.1.1 is affected.
- Version 1.9.0 is affected.
- Version 1.10.0 is affected.
- Version 1.11.0 is affected.
- Version 1.11.2 is affected.
- Version 1.11.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.