Cisco IOS XE Software Web UI 취약점 주의 (CVE-2023-20198, CVE-2023-20273) - ASEC BLOG 관련 IOC 6개 발견
Cisco가 이번 달 두 취약점 CVE-2023-20198, CVE-2023-20273에 대한 보안 권고를 발표했으며, 이는 Cisco IOS XE Software의 Web UI에서 발생하는 취약점으로 CVSS 점수 10.0/7.2를 할당받았다. 또한, Web UI는 ip http server 및 ip http secure-server 명령어로 활성화되며, show running-config 명령어로 활성화 여부를 확인할 수 있다.
Cisco가 이번 달 두 취약점 CVE-2023-20198, CVE-2023-20273에 대한 보안 권고를 발표하였으며, 이는 Cisco IOS XE Software의 Web UI에서 발생하는 취약점으로 CVSS 점수 10.0/7.2를 할당받았다. ip http server 및 ip http secure-server 명령어로 활성화되며, show running-config 명령어로 활성화 여부를 확인할 수 있다.
Ahnlab
Cisco iOS XE SOFTWARE Web UI Vulnerability (CVE-2023-20198, CVE-2023-20273) -Asec Blog
CISCO has announced security recommendations for two vulnerabilities CVE-2023-20198 and CVE-2023-20273 this month, which is a vulnerability from CISCO iOS XE SOFTWARE’s Web UI, which has been assigned CVSS score 10.0/7.2.In addition, the Web UI is activated with the IP HTTP Server and IP HTTP Secure-Server command, and can be checked with the Show Running-Config command.
CISCO has announced security recommendations for two vulnerabilities CVE-2023-20198 and CVE-20123-20273 this month, which is a vulnerability from CISCO iOS XE SOFTWARE’s Web UI and has been assigned CVSS scores 10.0/7.2.It is activated with IP HTTP Server and IP HTTP Secure-Server command, and can be checked with the Show Running-Config command.
https://asec.ahnlab.com/ko/57951/