A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios_xe | Cisco | 16.2.2 (including) | 16.2.2 (including) |
| Ios_xe | Cisco | 16.3.1 (including) | 16.3.1 (including) |
| Ios_xe | Cisco | 16.3.1a (including) | 16.3.1a (including) |
| Ios_xe | Cisco | 16.3.2 (including) | 16.3.2 (including) |
| Ios_xe | Cisco | 16.3.3 (including) | 16.3.3 (including) |
| Ios_xe | Cisco | 16.3.4 (including) | 16.3.4 (including) |
| Ios_xe | Cisco | 16.3.5 (including) | 16.3.5 (including) |
| Ios_xe | Cisco | 16.3.5b (including) | 16.3.5b (including) |
| Ios_xe | Cisco | 16.3.6 (including) | 16.3.6 (including) |
| Ios_xe | Cisco | 16.3.7 (including) | 16.3.7 (including) |
| Ios_xe | Cisco | 16.3.8 (including) | 16.3.8 (including) |
| Ios_xe | Cisco | 16.3.9 (including) | 16.3.9 (including) |
| Ios_xe | Cisco | 16.3.10 (including) | 16.3.10 (including) |
| Ios_xe | Cisco | 16.4.1 (including) | 16.4.1 (including) |
| Ios_xe | Cisco | 16.4.2 (including) | 16.4.2 (including) |
| Ios_xe | Cisco | 16.4.3 (including) | 16.4.3 (including) |
| Ios_xe | Cisco | 16.5.1 (including) | 16.5.1 (including) |
| Ios_xe | Cisco | 16.5.1a (including) | 16.5.1a (including) |
| Ios_xe | Cisco | 16.5.1b (including) | 16.5.1b (including) |
| Ios_xe | Cisco | 16.5.2 (including) | 16.5.2 (including) |
| Ios_xe | Cisco | 16.5.3 (including) | 16.5.3 (including) |
| Ios_xe | Cisco | 16.6.1 (including) | 16.6.1 (including) |
| Ios_xe | Cisco | 16.6.2 (including) | 16.6.2 (including) |
| Ios_xe | Cisco | 16.6.3 (including) | 16.6.3 (including) |
| Ios_xe | Cisco | 16.6.4 (including) | 16.6.4 (including) |
| Ios_xe | Cisco | 16.6.4a (including) | 16.6.4a (including) |
| Ios_xe | Cisco | 16.6.4s (including) | 16.6.4s (including) |
| Ios_xe | Cisco | 16.6.5 (including) | 16.6.5 (including) |
| Ios_xe | Cisco | 16.6.5a (including) | 16.6.5a (including) |
| Ios_xe | Cisco | 16.6.5b (including) | 16.6.5b (including) |
| Ios_xe | Cisco | 16.6.6 (including) | 16.6.6 (including) |
| Ios_xe | Cisco | 16.6.7 (including) | 16.6.7 (including) |
| Ios_xe | Cisco | 16.6.7a (including) | 16.6.7a (including) |
| Ios_xe | Cisco | 16.6.8 (including) | 16.6.8 (including) |
| Ios_xe | Cisco | 16.7.1 (including) | 16.7.1 (including) |
| Ios_xe | Cisco | 16.7.1a (including) | 16.7.1a (including) |
| Ios_xe | Cisco | 16.7.1b (including) | 16.7.1b (including) |
| Ios_xe | Cisco | 16.7.2 (including) | 16.7.2 (including) |
| Ios_xe | Cisco | 16.7.3 (including) | 16.7.3 (including) |
| Ios_xe | Cisco | 16.7.4 (including) | 16.7.4 (including) |
| Ios_xe | Cisco | 16.8.1 (including) | 16.8.1 (including) |
| Ios_xe | Cisco | 16.8.1a (including) | 16.8.1a (including) |
| Ios_xe | Cisco | 16.8.1b (including) | 16.8.1b (including) |
| Ios_xe | Cisco | 16.8.1c (including) | 16.8.1c (including) |
| Ios_xe | Cisco | 16.8.1d (including) | 16.8.1d (including) |
| Ios_xe | Cisco | 16.8.1e (including) | 16.8.1e (including) |
| Ios_xe | Cisco | 16.8.1s (including) | 16.8.1s (including) |
| Ios_xe | Cisco | 16.8.2 (including) | 16.8.2 (including) |
| Ios_xe | Cisco | 16.8.3 (including) | 16.8.3 (including) |
| Ios_xe | Cisco | 16.9.1 (including) | 16.9.1 (including) |
| Ios_xe | Cisco | 16.9.1a (including) | 16.9.1a (including) |
| Ios_xe | Cisco | 16.9.1b (including) | 16.9.1b (including) |
| Ios_xe | Cisco | 16.9.1c (including) | 16.9.1c (including) |
| Ios_xe | Cisco | 16.9.1d (including) | 16.9.1d (including) |
| Ios_xe | Cisco | 16.9.1s (including) | 16.9.1s (including) |
| Ios_xe | Cisco | 16.9.2 (including) | 16.9.2 (including) |
| Ios_xe | Cisco | 16.9.2a (including) | 16.9.2a (including) |
| Ios_xe | Cisco | 16.9.2s (including) | 16.9.2s (including) |
| Ios_xe | Cisco | 16.9.3 (including) | 16.9.3 (including) |
| Ios_xe | Cisco | 16.9.3a (including) | 16.9.3a (including) |
| Ios_xe | Cisco | 16.9.3h (including) | 16.9.3h (including) |
| Ios_xe | Cisco | 16.9.3s (including) | 16.9.3s (including) |
| Ios_xe | Cisco | 16.9.4 (including) | 16.9.4 (including) |
| Ios_xe | Cisco | 16.9.4c (including) | 16.9.4c (including) |
| Ios_xe | Cisco | 16.9.5 (including) | 16.9.5 (including) |
| Ios_xe | Cisco | 16.9.5f (including) | 16.9.5f (including) |
| Ios_xe | Cisco | 16.10.1 (including) | 16.10.1 (including) |
| Ios_xe | Cisco | 16.10.1a (including) | 16.10.1a (including) |
| Ios_xe | Cisco | 16.10.1b (including) | 16.10.1b (including) |
| Ios_xe | Cisco | 16.10.1c (including) | 16.10.1c (including) |
| Ios_xe | Cisco | 16.10.1d (including) | 16.10.1d (including) |
| Ios_xe | Cisco | 16.10.1e (including) | 16.10.1e (including) |
| Ios_xe | Cisco | 16.10.1f (including) | 16.10.1f (including) |
| Ios_xe | Cisco | 16.10.1g (including) | 16.10.1g (including) |
| Ios_xe | Cisco | 16.10.1s (including) | 16.10.1s (including) |
| Ios_xe | Cisco | 16.10.2 (including) | 16.10.2 (including) |
| Ios_xe | Cisco | 16.10.3 (including) | 16.10.3 (including) |
| Ios_xe | Cisco | 16.11.1 (including) | 16.11.1 (including) |
| Ios_xe | Cisco | 16.11.1a (including) | 16.11.1a (including) |
| Ios_xe | Cisco | 16.11.1b (including) | 16.11.1b (including) |
| Ios_xe | Cisco | 16.11.1c (including) | 16.11.1c (including) |
| Ios_xe | Cisco | 16.11.1s (including) | 16.11.1s (including) |
| Ios_xe | Cisco | 16.12.1y (including) | 16.12.1y (including) |