CVE-2023-20109: CISCO

Tags

CISCO, IOS

CVE

CVE-2023-20109

NVD Description

A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash.

This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details section of this advisory.

Exploit Available

True

Abused by Malware

False

You can find more insights and intelligence on this CVE at: https://vi.loginsoft.com/app/cve/CVE-2023-20109

Vulnerable Condition

To determine whether a device meets the vulnerable conditions and runs an affected product version, issue the following commands and look for the associated output as stated. If one or more conditions match, the device can be considered affected.

Command Instructions:
COMMAND:

show version

STDOUT:

Cisco IOS Software

COMMAND:

show running-config | include crypto

STDOUT:

crypto +(gdoi|gkm) +group

Affected Versions:

12.2(6)I1, 12.4(22)MD, 12.4(22)MD1,12.4(22)MD2, 12.4(22)MDA, 12.4(22)MDA1, 12.4(22)MDA2, 12.4(22)MDA3,12.4(22)MDA4, 12.4(22)MDA5, 12.4(22)MDA6, 12.4(22)T, 12.4(22)T1, 12.4(22)T2,12.4(22)T3, 12.4(22)T4, 12.4(22)T5, 12.4(22)XR1, 12.4(22)XR10, 12.4(22)XR11,12.4(22)XR12, 12.4(22)XR2, 12.4(22)XR3, 12.4(22)XR4, 12.4(22)XR5, 12.4(22)XR6,12.4(22)XR7, 12.4(22)XR8, 12.4(22)XR9, 12.4(24)MD, 12.4(24)MD1, 12.4(24)MD2,12.4(24)MD3, 12.4(24)MD4, 12.4(24)MD5, 12.4(24)MD6, 12.4(24)MD7, 12.4(24)MDA,12.4(24)MDA1, 12.4(24)MDA10, 12.4(24)MDA11, 12.4(24)MDA12, 12.4(24)MDA13,12.4(24)MDA2, 12.4(24)MDA3, 12.4(24)MDA4, 12.4(24)MDA5, 12.4(24)MDA6,12.4(24)MDA7, 12.4(24)MDA8, 12.4(24)MDA9, 12.4(24)MDB, 12.4(24)MDB1,12.4(24)MDB10, 12.4(24)MDB11, 12.4(24)MDB12, 12.4(24)MDB13, 12.4(24)MDB14,12.4(24)MDB15, 12.4(24)MDB16, 12.4(24)MDB17, 12.4(24)MDB18, 12.4(24)MDB19,12.4(24)MDB3, 12.4(24)MDB4, 12.4(24)MDB5, 12.4(24)MDB5a, 12.4(24)MDB6,12.4(24)MDB7, 12.4(24)MDB8, 12.4(24)MDB9, 12.4(24)T, 12.4(24)T1, 12.4(24)T10,12.4(24)T11, 12.4(24)T12, 12.4(24)T2, 12.4(24)T3, 12.4(24)T3e, 12.4(24)T3f,12.4(24)T4, 12.4(24)T4a, 12.4(24)T4b, 12.4(24)T4c, 12.4(24)T4d, 12.4(24)T4e,12.4(24)T4f, 12.4(24)T4g, 12.4(24)T4h, 12.4(24)T4i, 12.4(24)T4j, 12.4(24)T4k,12.4(24)T4l, 12.4(24)T4m, 12.4(24)T4n, 12.4(24)T4o, 12.4(24)T5, 12.4(24)T6,12.4(24)T7, 12.4(24)T8, 12.4(24)T9, 12.4(24)YG, 12.4(24)YG1, 12.4(24)YG2,12.4(24)YG3, 12.4(24)YG4, 12.4(24)YS, 12.4(24)YS1, 12.4(24)YS10, 12.4(24)YS2,12.4(24)YS3, 12.4(24)YS4, 12.4(24)YS5, 12.4(24)YS6, 12.4(24)YS7, 12.4(24)YS8,12.4(24)YS8a, 12.4(24)YS9, 15.0(1)M, 15.0(1)M1, 15.0(1)M10, 15.0(1)M2,15.0(1)M3, 15.0(1)M4, 15.0(1)M5, 15.0(1)M6, 15.0(1)M6a, 15.0(1)M7, 15.0(1)M8,15.0(1)M9, 15.0(1)MR, 15.0(1)S, 15.0(1)S1, 15.0(1)S2, 15.0(1)S3a, 15.0(1)S4,15.0(1)S4a, 15.0(1)S5, 15.0(1)S6, 15.0(1)XA, 15.0(1)XA1, 15.0(1)XA2,15.0(1)XA3, 15.0(1)XA4, 15.0(1)XA5, 15.0(2)EA, 15.0(2)EA1, 15.0(2)EJ,15.0(2)EJ1, 15.0(2)EK, 15.0(2)EK1, 15.0(2)EX, 15.0(2)EX1, 15.0(2)EX10,15.0(2)EX11, 15.0(2)EX12, 15.0(2)EX13, 
15.0(2)EX2, 15.0(2)EX3, 15.0(2)EX4,15.0(2)EX5, 15.0(2)EX6, 15.0(2)EX7, 15.0(2)EX8, 15.0(2)EY, 15.0(2)EY1,15.0(2)EY2, 15.0(2)EY3, 15.0(2)EZ, 15.0(2)MR, 15.0(2)SE, 15.0(2)SE1,15.0(2)SE10, 15.0(2)SE10a, 15.0(2)SE11, 15.0(2)SE12, 15.0(2)SE13, 15.0(2)SE13a,15.0(2)SE13b, 15.0(2)SE13c, 15.0(2)SE13d, 15.0(2)SE2, 15.0(2)SE3, 15.0(2)SE4,15.0(2)SE5, 15.0(2)SE6, 15.0(2)SE7, 15.0(2)SE8, 15.0(2)SE9, 15.0(2a)EX5,15.0(2a)SE9, 15.1(1)S, 15.1(1)S1, 15.1(1)S2, 15.1(1)SG, 15.1(1)SG1, 15.1(1)SG2,15.1(1)SY, 15.1(1)SY1, 15.1(1)SY2, 15.1(1)SY3, 15.1(1)SY4, 15.1(1)SY5,15.1(1)SY6, 15.1(1)T, 15.1(1)T1, 15.1(1)T2, 15.1(1)T3, 15.1(1)T4, 15.1(1)T5,15.1(1)XB, 15.1(1)XB1, 15.1(1)XB2, 15.1(1)XB3, 15.1(2)GC, 15.1(2)GC1,15.1(2)GC2, 15.1(2)S, 15.1(2)S1, 15.1(2)S2, 15.1(2)SG, 15.1(2)SG1, 15.1(2)SG2,15.1(2)SG3, 15.1(2)SG4, 15.1(2)SG5, 15.1(2)SG6, 15.1(2)SG7, 15.1(2)SG8,15.1(2)SY, 15.1(2)SY1, 15.1(2)SY10, 15.1(2)SY11, 15.1(2)SY12, 15.1(2)SY13,15.1(2)SY14, 15.1(2)SY15, 15.1(2)SY16, 15.1(2)SY16a, 15.1(2)SY16b, 15.1(2)SY2,15.1(2)SY3, 15.1(2)SY4, 15.1(2)SY4a, 15.1(2)SY5, 15.1(2)SY6, 15.1(2)SY7,15.1(2)SY8, 15.1(2)SY9, 15.1(2)T, 15.1(2)T0a, 15.1(2)T1, 15.1(2)T2, 15.1(2)T2a,15.1(2)T3, 15.1(2)T4, 15.1(2)T5, 15.1(3)MRA, 15.1(3)MRA1, 15.1(3)MRA2,15.1(3)MRA3, 15.1(3)MRA4, 15.1(3)S, 15.1(3)S0a, 15.1(3)S1, 15.1(3)S2, 15.1(3)S3,15.1(3)S4, 15.1(3)S5, 15.1(3)S5a, 15.1(3)S6, 15.1(3)S7, 15.1(3)SVB1,15.1(3)SVB2, 15.1(3)SVD, 15.1(3)SVD1, 15.1(3)SVD2, 15.1(3)SVD3, 15.1(3)SVE,15.1(3)SVF, 15.1(3)SVF1, 15.1(3)SVF2, 15.1(3)SVF2a, 15.1(3)SVF4b, 15.1(3)SVF4c,15.1(3)SVF4d, 15.1(3)SVF4e, 15.1(3)SVF4f, 15.1(3)SVG, 15.1(3)SVG1a,15.1(3)SVG1b, 15.1(3)SVG1c, 15.1(3)SVG2, 15.1(3)SVG2a, 15.1(3)SVG3,15.1(3)SVG3a, 15.1(3)SVG3b, 15.1(3)SVG3c, 15.1(3)SVH, 15.1(3)SVH2, 15.1(3)SVH4,15.1(3)SVH4a, 15.1(3)SVI1a, 15.1(3)SVI2, 15.1(3)SVI2a, 15.1(3)SVI3,15.1(3)SVI31a, 15.1(3)SVI31b, 15.1(3)SVI3b, 15.1(3)SVI3c, 15.1(3)SVJ,15.1(3)SVJ2, 15.1(3)SVR1, 15.1(3)SVR10, 15.1(3)SVR2, 15.1(3)SVR3, 15.1(3)SVS,15.1(3)SVS1, 15.1(3)SVT1, 15.1(3)SVT2, 15.1(3)SVT3, 
15.1(3)SVT4, 15.1(3)SVU1,15.1(3)SVU10, 15.1(3)SVU11, 15.1(3)SVU2, 15.1(3)SVU20, 15.1(3)SVU21,15.1(3)SVV1, 15.1(3)SVV2, 15.1(3)SVV3, 15.1(3)SVV4, 15.1(3)SVW, 15.1(3)SVW1,15.1(3)SVX, 15.1(3)SVX1, 15.1(3)T, 15.1(3)T1, 15.1(3)T2, 15.1(3)T3, 15.1(3)T4,15.1(4)GC, 15.1(4)GC1, 15.1(4)GC2, 15.1(4)M, 15.1(4)M0a, 15.1(4)M0b, 15.1(4)M1,15.1(4)M10, 15.1(4)M12a, 15.1(4)M2, 15.1(4)M3, 15.1(4)M3a, 15.1(4)M4,15.1(4)M5, 15.1(4)M6, 15.1(4)M7, 15.1(4)M8, 15.1(4)M9, 15.1(4)XB4, 15.1(4)XB5,15.1(4)XB5a, 15.1(4)XB6, 15.1(4)XB7, 15.1(4)XB8, 15.1(4)XB8a, 15.2(1)E,15.2(1)E1, 15.2(1)E2, 15.2(1)E3, 15.2(1)EY, 15.2(1)GC, 15.2(1)GC1, 15.2(1)GC2,15.2(1)S, 15.2(1)S1, 15.2(1)S2, 15.2(1)SC1a, 15.2(1)SD1, 15.2(1)SD2,15.2(1)SD3, 15.2(1)SD4, 15.2(1)SD6, 15.2(1)SD6a, 15.2(1)SD7, 15.2(1)SD8,15.2(1)SY, 15.2(1)SY0a, 15.2(1)SY1, 15.2(1)SY1a, 15.2(1)SY2, 15.2(1)SY3,15.2(1)SY4, 15.2(1)SY5, 15.2(1)SY6, 15.2(1)SY7, 15.2(1)SY8, 15.2(2)E,15.2(2)E1, 15.2(2)E10, 15.2(2)E10a, 15.2(2)E10b, 15.2(2)E10c, 15.2(2)E10d,15.2(2)E2, 15.2(2)E3, 15.2(2)E4, 15.2(2)E5, 15.2(2)E5a, 15.2(2)E5b, 15.2(2)E6,15.2(2)E7, 15.2(2)E7b, 15.2(2)E8, 15.2(2)E9, 15.2(2)E9a, 15.2(2)EA, 15.2(2)EA1,15.2(2)EA2, 15.2(2)EA3, 15.2(2)EB, 15.2(2)EB1, 15.2(2)EB2, 15.2(2)GC, 15.2(2)S,15.2(2)S0a, 15.2(2)S0c, 15.2(2)S0d, 15.2(2)S1, 15.2(2)S2, 15.2(2)SC,15.2(2)SC1, 15.2(2)SC3, 15.2(2)SC4, 15.2(2)SY, 15.2(2)SY1, 15.2(2)SY2,15.2(2)SY3, 15.2(2a)E1, 15.2(2a)E2, 15.2(2b)E, 15.2(3)E, 15.2(3)E1, 15.2(3)E2,15.2(3)E3, 15.2(3)E4, 15.2(3)E5, 15.2(3)EA, 15.2(3)GC, 15.2(3)GC1, 15.2(3a)E,15.2(3m)E2, 15.2(3m)E7, 15.2(3m)E8, 15.2(4)E, 15.2(4)E1, 15.2(4)E10,15.2(4)E10a, 15.2(4)E10b, 15.2(4)E10c, 15.2(4)E10d, 15.2(4)E10e, 15.2(4)E2,15.2(4)E3, 15.2(4)E4, 15.2(4)E5, 15.2(4)E5a, 15.2(4)E6, 15.2(4)E7, 15.2(4)E8,15.2(4)E9, 15.2(4)EA, 15.2(4)EA1, 15.2(4)EA2, 15.2(4)EA3, 15.2(4)EA4,15.2(4)EA5, 15.2(4)EA6, 15.2(4)EA7, 15.2(4)EA8, 15.2(4)EA9, 15.2(4)EA9a,15.2(4)EC1, 15.2(4)EC2, 15.2(4)GC, 15.2(4)GC1, 15.2(4)GC2, 15.2(4)GC3,15.2(4)M, 15.2(4)M1, 15.2(4)M10, 15.2(4)M11, 15.2(4)M2, 
15.2(4)M3, 15.2(4)M4,15.2(4)M5, 15.2(4)M6, 15.2(4)M6a, 15.2(4)M6b, 15.2(4)M7, 15.2(4)M8, 15.2(4)M9,15.2(4)S, 15.2(4)S0c, 15.2(4)S1, 15.2(4)S1c, 15.2(4)S2, 15.2(4)S3, 15.2(4)S3a,15.2(4)S4, 15.2(4)S4a, 15.2(4)S5, 15.2(4)S6, 15.2(4)S7, 15.2(4)S8, 15.2(4m)E1,15.2(4m)E2, 15.2(4m)E3, 15.2(4n)E2, 15.2(4o)E2, 15.2(4o)E3, 15.2(4p)E1, 15.2(4q)E1,15.2(4s)E1, 15.2(5)E, 15.2(5)E1, 15.2(5)E2, 15.2(5)E2b, 15.2(5)E2c, 15.2(5)EA,15.2(5)EX, 15.2(5a)E, 15.2(5a)E1, 15.2(5b)E, 15.2(5c)E, 15.2(6)E, 15.2(6)E0a,15.2(6)E0c, 15.2(6)E1, 15.2(6)E1a, 15.2(6)E1s, 15.2(6)E2, 15.2(6)E2a,15.2(6)E2b, 15.2(6)E3, 15.2(6)EB, 15.2(7)E, 15.2(7)E0a, 15.2(7)E0b, 15.2(7)E0s,15.2(7)E1, 15.2(7)E1a, 15.2(7)E2, 15.2(7)E2a, 15.2(7)E2b, 15.2(7)E3,15.2(7)E3k, 15.2(7)E4, 15.2(7)E5, 15.2(7)E6, 15.2(7)E7, 15.2(7)E8, 15.2(7a)E0b,15.2(7b)E0b, 15.2(8)E, 15.2(8)E1, 15.2(8)E2, 15.2(8)E3, 15.2(8)E4, 15.3(0)SY,15.3(1)S, 15.3(1)S1, 15.3(1)S1e, 15.3(1)S2, 15.3(1)SY, 15.3(1)SY1, 15.3(1)SY2,15.3(1)T, 15.3(1)T1, 15.3(1)T2, 15.3(1)T3, 15.3(1)T4, 15.3(2)S, 15.3(2)S1,15.3(2)S2, 15.3(2)T, 15.3(2)T1, 15.3(2)T2, 15.3(2)T3, 15.3(2)T4, 15.3(3)M, 15.3(3)M1,15.3(3)M10, 15.3(3)M2, 15.3(3)M3, 15.3(3)M4, 15.3(3)M5, 15.3(3)M6, 15.3(3)M7,15.3(3)M8, 15.3(3)M8a, 15.3(3)M9, 15.3(3)S, 15.3(3)S1, 15.3(3)S10, 15.3(3)S1a,15.3(3)S2, 15.3(3)S2a, 15.3(3)S3, 15.3(3)S4, 15.3(3)S5, 15.3(3)S6, 15.3(3)S6a,15.3(3)S7, 15.3(3)S8, 15.3(3)S8a, 15.3(3)S9, 15.3(3)XB12, 15.4(1)CG,15.4(1)CG1, 15.4(1)S, 15.4(1)S1, 15.4(1)S2, 15.4(1)S3, 15.4(1)S4, 15.4(1)SY,15.4(1)SY1, 15.4(1)SY2, 15.4(1)SY3, 15.4(1)SY4, 15.4(1)T, 15.4(1)T1, 15.4(1)T2,15.4(1)T3, 15.4(1)T4, 15.4(2)CG, 15.4(2)S, 15.4(2)S1, 15.4(2)S2, 15.4(2)S3,15.4(2)S4, 15.4(2)SN, 15.4(2)SN1, 15.4(2)T, 15.4(2)T1, 15.4(2)T2, 15.4(2)T3,15.4(2)T4, 15.4(3)M, 15.4(3)M1, 15.4(3)M10, 15.4(3)M2, 15.4(3)M3, 15.4(3)M4,15.4(3)M5, 15.4(3)M6, 15.4(3)M6a, 15.4(3)M7, 15.4(3)M7a, 15.4(3)M8, 15.4(3)M9,15.4(3)S, 15.4(3)S0d, 15.4(3)S0e, 15.4(3)S0f, 15.4(3)S1, 15.4(3)S10, 15.4(3)S2,15.4(3)S3, 15.4(3)S4, 15.4(3)S5, 15.4(3)S6, 15.4(3)S6a, 
15.4(3)S7, 15.4(3)S8,15.4(3)S9, 15.4(3)SN1, 15.4(3)SN1a, 15.5(1)S, 15.5(1)S1, 15.5(1)S2, 15.5(1)S3,15.5(1)S4, 15.5(1)SN, 15.5(1)SN1, 15.5(1)SY, 15.5(1)SY1, 15.5(1)SY10,15.5(1)SY11, 15.5(1)SY2, 15.5(1)SY3, 15.5(1)SY4, 15.5(1)SY5, 15.5(1)SY6,15.5(1)SY7, 15.5(1)SY8, 15.5(1)SY9, 15.5(1)T, 15.5(1)T1, 15.5(1)T2, 15.5(1)T3,15.5(1)T4, 15.5(2)S, 15.5(2)S1, 15.5(2)S2, 15.5(2)S3, 15.5(2)S4, 15.5(2)SN,15.5(2)T, 15.5(2)T1, 15.5(2)T2, 15.5(2)T3, 15.5(2)T4, 15.5(2)XB, 15.5(3)M,15.5(3)M0a, 15.5(3)M1, 15.5(3)M10, 15.5(3)M11, 15.5(3)M11a, 15.5(3)M11b,15.5(3)M2, 15.5(3)M2a, 15.5(3)M3, 15.5(3)M4, 15.5(3)M4a, 15.5(3)M4b, 15.5(3)M4c,15.5(3)M5, 15.5(3)M6, 15.5(3)M6a, 15.5(3)M7, 15.5(3)M8, 15.5(3)M9, 15.5(3)S,15.5(3)S0a, 15.5(3)S1, 15.5(3)S10, 15.5(3)S10a, 15.5(3)S10b, 15.5(3)S10c,15.5(3)S1a, 15.5(3)S2, 15.5(3)S3, 15.5(3)S4, 15.5(3)S5, 15.5(3)S6, 15.5(3)S6a,15.5(3)S6b, 15.5(3)S7, 15.5(3)S8, 15.5(3)S9, 15.5(3)S9a, 15.5(3)SN,15.5(3)SN0a, 15.6(1)S, 15.6(1)S1, 15.6(1)S2, 15.6(1)S3, 15.6(1)S4, 15.6(1)SN,15.6(1)SN1, 15.6(1)SN2, 15.6(1)SN3, 15.6(1)T, 15.6(1)T0a, 15.6(1)T1, 15.6(1)T2,15.6(1)T3, 15.6(2)S, 15.6(2)S1, 15.6(2)S2, 15.6(2)S3, 15.6(2)S4, 15.6(2)SN,15.6(2)SP, 15.6(2)SP1, 15.6(2)SP10, 15.6(2)SP2, 15.6(2)SP3, 15.6(2)SP4,15.6(2)SP5, 15.6(2)SP6, 15.6(2)SP7, 15.6(2)SP8, 15.6(2)SP8a, 15.6(2)SP9,15.6(2)T, 15.6(2)T0a, 15.6(2)T1, 15.6(2)T2, 15.6(2)T3, 15.6(3)M, 15.6(3)M0a,15.6(3)M1, 15.6(3)M1a, 15.6(3)M1b, 15.6(3)M2, 15.6(3)M2a, 15.6(3)M3,15.6(3)M3a, 15.6(3)M4, 15.6(3)M5, 15.6(3)M6, 15.6(3)M6a, 15.6(3)M6b, 15.6(3)M7,15.6(3)M8, 15.6(3)M9, 15.6(3)SN, 15.6(4)SN, 15.6(5)SN, 15.6(7)SN, 15.6(7)SN1,15.6(7)SN2, 15.7(3)M, 15.7(3)M0a, 15.7(3)M1, 15.7(3)M10, 15.7(3)M2, 15.7(3)M3,15.7(3)M4, 15.7(3)M4a, 15.7(3)M4b, 15.7(3)M5, 15.7(3)M6, 15.7(3)M7, 15.7(3)M8,15.7(3)M9, 15.8(3)M, 15.8(3)M0a, 15.8(3)M0b, 15.8(3)M1, 15.8(3)M10, 15.8(3)M1a,15.8(3)M2, 15.8(3)M2a, 15.8(3)M3, 15.8(3)M3a, 15.8(3)M3b, 15.8(3)M4, 15.8(3)M5,15.8(3)M6, 15.8(3)M7, 15.8(3)M8, 15.8(3)M9, 15.9(3)M, 15.9(3)M0a, 15.9(3)M1,15.9(3)M2, 15.9(3)M2a, 
15.9(3)M3, 15.9(3)M3a, 15.9(3)M3b, 15.9(3)M4,15.9(3)M4a, 15.9(3)M5, 15.9(3)M6, 15.9(3)M6a, 15.9(3)M6b, 15.9(3)M7, 15.9(3)M7a
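
The check described above, applied to saved command output, as an added example that is not part of the original page. The sample device output is constructed, `AFFECTED_EXCERPT` holds only three entries copied from the list above (load the full list in practice), and the combined `listed_and_configured` flag is this example's own triage assumption.

```python
import re

# Pattern the page gives for `show running-config | include crypto` output.
GETVPN_RE = re.compile(r"crypto +(gdoi|gkm) +group")
# Release string as printed on the "Cisco IOS Software" line of `show version`.
VERSION_RE = re.compile(r"Cisco IOS Software.*?Version +([0-9][^ ,]*)")

# Excerpt only: three releases copied from the Affected Versions list above.
AFFECTED_EXCERPT = {"12.4(24)T8", "15.2(4)M11", "15.9(3)M7a"}

# Constructed sample output (not captured from a real device).
SAMPLE_SHOW_VERSION = (
    "Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), "
    "Version 15.2(4)M11, RELEASE SOFTWARE (fc2)\n"
)
SAMPLE_CONFIG = (
    "crypto isakmp policy 10\n"
    "crypto gdoi group GETVPN-EXAMPLE\n"
    "crypto map EXAMPLE-MAP 10 gdoi\n"
)

def parse_version(show_version):
    """Return the release string from `show version` text, or None."""
    m = VERSION_RE.search(show_version)
    return m.group(1) if m else None

def getvpn_groups(crypto_config):
    """Return the config lines that define a GDOI/GKM group."""
    return [ln.strip() for ln in crypto_config.splitlines() if GETVPN_RE.search(ln)]

def assess(show_version, crypto_config, affected=AFFECTED_EXCERPT):
    """Evaluate each condition from the page separately."""
    version = parse_version(show_version)
    groups = getvpn_groups(crypto_config)
    listed = version in affected
    return {
        "is_ios": "Cisco IOS Software" in show_version,
        "version": version,
        "version_listed": listed,
        "getvpn_groups": groups,
        # Assumption of this example: flag for triage when the release is
        # listed AND a GET VPN group is configured.
        "listed_and_configured": listed and bool(groups),
    }

if __name__ == "__main__":
    for key, value in assess(SAMPLE_SHOW_VERSION, SAMPLE_CONFIG).items():
        print(f"{key}: {value}")
```
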

References:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-getvpn-rce-g8qR68sx
