=====================================================================

                              CERT-Renater

                   Note d'Information No. 2023/VULN150

_____________________________________________________________________

DATE                : 06/04/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Secure Network Analytics,
Cisco Small Business RV320, RV325 Dual Gigabit WAN VPN Routers software,
            Cisco Evolved Programmable Network Manager (EPNM)software,
                Cisco Identity Services Engine (ISE) software,
                   Cisco Prime Infrastructure software,
              Cisco Small Business RV016, RV042, RV042G, RV082, RV320,
                             RV325 Routers software,
                                Cisco Webex Meetings,
                Cisco Unified Contact Center Express software,
                  Cisco Packet Data Network Gateway software,
                              Cisco Meraki software,
             macOS running Cisco Duo Two-Factor Authentication,
        Windows running Duo Authentication for Windows Logon and RDP.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2023-April-05.

The following PSIRT security advisories (3 High, 9 Medium, 1
Informational) were published at 16:00 UTC today.


Table of Contents:

1) Cisco Secure Network Analytics Remote Code Execution Vulnerability
- SIR: High

2) Cisco Evolved Programmable Network Manager, Cisco Identity
Services Engine, and Cisco Prime Infrastructure Command Injection
Vulnerabilities - SIR: High

3) Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN
Routers Command Injection Vulnerabilities - SIR: High

4) Cisco Prime Infrastructure and Cisco Evolved Programmable Network
Manager Vulnerabilities - SIR: Medium

5) Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325
Routers Remote Command Execution Vulnerability - SIR: Medium

6) Cisco Identity Services Engine Command Injection Vulnerabilities
- SIR: Medium

7) Cisco Small Business RV016, RV042, RV042G,  RV082 , RV320, and
RV325 Routers Cross-Site Scripting Vulnerabilities - SIR: Medium

8) Cisco Duo Authentication for macOS and Duo Authentication for
Windows Logon Offline Credentials Replay Vulnerability - SIR:
Medium

9) Cisco Packet Data Network Gateway IPsec ICMP Denial of
Service Vulnerability - SIR: Medium

10) Cisco Webex Meetings Web UI Vulnerabilities - SIR: Medium

11) Cisco Secure Network Analytics Remote Code Execution
Vulnerability - SIR: Medium

12) Cisco Unified Contact Center Express Stored Cross-Site
Scripting Vulnerability - SIR: Medium

13) Cisco Meraki Local Status Page Configuration Hardening - SIR:
Informational

+--------------------------------------------------------------------

1) Cisco Secure Network Analytics Remote Code Execution Vulnerability

CVE-2023-20102

SIR: High

CVSS Score v(3.1): 8.8

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealthsmc-rce-sfNBPjcS"]

+--------------------------------------------------------------------

2) Cisco Evolved Programmable Network Manager, Cisco Identity
Services Engine, and Cisco Prime Infrastructure Command Injection
Vulnerabilities

CVE-2023-20121, CVE-2023-20122

SIR: High

CVSS Score v(3.1): 7.8

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-adeos-MLAyEcvk 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-adeos-MLAyEcvk"]

+--------------------------------------------------------------------

3) Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Command Injection Vulnerabilities

CVE-2023-20117, CVE-2023-20128

SIR: High

CVSS Score v(3.1): 7.2

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv32x-cmdinject-cKQsZpxL 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv32x-cmdinject-cKQsZpxL"]

+--------------------------------------------------------------------

4) Cisco Prime Infrastructure and Cisco Evolved Programmable
Network Manager Vulnerabilities

CVE-2023-20127, CVE-2023-20129, CVE-2023-20130, CVE-2023-20131

SIR: Medium

CVSS Score v(3.1): 6.5

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-eRPWAXLe 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-eRPWAXLe"]

+--------------------------------------------------------------------

5) Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and
RV325 Routers Remote Command Execution Vulnerability

CVE-2023-20124

SIR: Medium

CVSS Score v(3.1): 6.5

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD"]

+--------------------------------------------------------------------

6) Cisco Identity Services Engine Command Injection Vulnerabilities

CVE-2023-20152, CVE-2023-20153

SIR: Medium

CVSS Score v(3.1): 6.0

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-2XbOg9Dg 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-2XbOg9Dg"]

+--------------------------------------------------------------------

7) Cisco Small Business RV016, RV042, RV042G,  RV082 , RV320,
and RV325 Routers Cross-Site Scripting Vulnerabilities

CVE-2023-20137, CVE-2023-20138, CVE-2023-20139, CVE-2023-20140,
CVE-2023-20141, CVE-2023-20142, CVE-2023-20143, CVE-2023-20144,
CVE-2023-20145, CVE-2023-20146, CVE-2023-20147, CVE-2023-20148,
CVE-2023-20149, CVE-2023-20150, CVE-2023-20151

SIR: Medium

CVSS Score v(3.1): 6.1

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W"]

+--------------------------------------------------------------------

8) Cisco Duo Authentication for macOS and Duo Authentication for
Windows Logon Offline Credentials Replay Vulnerability

CVE-2023-20123

SIR: Medium

CVSS Score v(3.1): 6.3

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-replay-knuNKd 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-replay-knuNKd"]

+--------------------------------------------------------------------

9) Cisco Packet Data Network Gateway IPsec ICMP Denial of Service
Vulnerability

CVE-2023-20051

SIR: Medium

CVSS Score v(3.1): 5.8

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q"]

+--------------------------------------------------------------------

10) Cisco Webex Meetings Web UI Vulnerabilities

CVE-2023-20132, CVE-2023-20134

SIR: Medium

CVSS Score v(3.1): 5.4

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wbx-sxss-fupl-64uHbcm5 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wbx-sxss-fupl-64uHbcm5"]

+--------------------------------------------------------------------

11) Cisco Secure Network Analytics Remote Code Execution
Vulnerability

CVE-2023-20103

SIR: Medium

CVSS Score v(3.1): 4.9

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-BDwXFK9C 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-BDwXFK9C"]

+--------------------------------------------------------------------

12) Cisco Unified Contact Center Express Stored Cross-Site
Scripting Vulnerability

CVE-2023-20096

SIR: Medium

CVSS Score v(3.1): 5.4

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-xss-GO9L9xxr 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-xss-GO9L9xxr"]

+--------------------------------------------------------------------

13) Cisco Meraki Local Status Page Configuration Hardening

SIR: Informational

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-lsp-7xySn6pj 
["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-lsp-7xySn6pj"]


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================