关联漏洞
标题:
Cisco IOS XE Software 安全漏洞
(CVE-2023-20198)
描述:Cisco IOS XE Software是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞,该漏洞源于允许未经身份验证的远程攻击者在受影响的系统上创建具有特权的帐户。
介绍
# Simple-Ansible-for-CVE-2023-20198
This is a very simple playbook to detect and disable http/https server to prevent the vulnerability.
## Getting started
Simply use the Cisco Always on Sandbox to test example
1. Log into sandbox router and turn on http/https server
```
ssh developer@sandbox-iosxe-recomm-1.cisco.com
pass=lastorangerestoreball8876
```
```
conf t
ip http server
ip http secure-server
```
2. Run the http.yml playbook to determine the state of the config and to disable Http/Https server
The syslog output will be empty if the sandbox router hasn't been exploited.
3. Run Playbook again
This time it should skip the third task becuase of the conditional
## PSIRT Reference
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
文件快照
[4.0K] /data/pocs/a3dc702c1119b9364801c2316232d10bb3fb5f61
├── [1.3K] http.yml
└── [ 819] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。