How severe is CVE-2023-20223?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.2 out of 10.

What type of vulnerability is CVE-2023-20223?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2023-20223 - HIGH Severity | CVSS 8.2

Vulnerability Description

A vulnerability in Cisco DNA Center could allow an unauthenticated, remote attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control enforcement on API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

Related Vulnerabilities

CVE-2015-8550

HIGH

CVSS:8.2(High)

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend ...

CWE-2842015

CVE-2016-5482

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integri...

CWE-2842016

CVE-2016-5491

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CWE-2842016

CVE-2016-5557

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and inte...

CWE-2842016

CVE-2016-5586

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrit...

CWE-2842016

CVE-2016-5587

HIGH

CVSS:8.2(High)

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1 through 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality an...

CWE-2842016