CVE-2023-20260

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure (affected versions not specified) Cisco Evolved Programmable Network (EPN) Manager (affected versions not specified)

Description The issue is related to the improper processing of command line arguments to application scripts in the application CLI of the affected systems. This could allow an authenticated, local attacker to gain escalated privileges by issuing a command on the CLI with malicious options. A successful exploit could allow the attacker to gain the escalated privileges of the root user on the underlying operating system.

Recommendations For Cisco Prime Infrastructure, consider restricting access to the application CLI until a patch is available. For Cisco Evolved Programmable Network (EPN) Manager, avoid using malicious options in the CLI commands until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.