Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-20003

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-18 May, 2023 | 00:00
Updated At-25 Oct, 2024 | 15:58
Rejected At-
Credits

Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:18 May, 2023 | 00:00
Updated At:25 Oct, 2024 | 15:58
Rejected At:
▼CVE Numbering Authority (CNA)
Cisco Business Wireless Access Points Social Login Guest User Authentication Bypass Vulnerability

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Business Wireless Access Point Software
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
CWECWE-288CWE-288
Type: CWE
CWE ID: CWE-288
Description: CWE-288
Metrics
VersionBase scoreBase severityVector
3.14.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZ
vendor-advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZ
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZ
vendor-advisory
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZ
Resource:
vendor-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:18 May, 2023 | 03:15
Updated At:07 Nov, 2023 | 04:05

A vulnerability in the social login configuration option for the guest users of Cisco Business Wireless Access Points (APs) could allow an unauthenticated, adjacent attacker to bypass social login authentication. This vulnerability is due to a logic error with the social login implementation. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the Guest Portal without authentication.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary3.14.7MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>business_140ac_access_point_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_140ac_access_point_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_140ac_access_point>>-
cpe:2.3:h:cisco:business_140ac_access_point:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_141acm_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_141acm_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_141acm>>-
cpe:2.3:h:cisco:business_141acm:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_142acm_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_142acm_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_142acm>>-
cpe:2.3:h:cisco:business_142acm:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_143acm_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_143acm_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_143acm>>-
cpe:2.3:h:cisco:business_143acm:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_151axm_firmware>>10.4.2
cpe:2.3:o:cisco:business_151axm_firmware:10.4.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_151axm>>-
cpe:2.3:h:cisco:business_151axm:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_145ac_access_point_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_145ac_access_point_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_145ac_access_point>>-
cpe:2.3:h:cisco:business_145ac_access_point:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_150ax_access_point_firmware>>10.4.2
cpe:2.3:o:cisco:business_150ax_access_point_firmware:10.4.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_150ax_access_point>>-
cpe:2.3:h:cisco:business_150ax_access_point:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_240ac_access_point_firmware>>Versions before 10.8.1.0(exclusive)
cpe:2.3:o:cisco:business_240ac_access_point_firmware:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>business_240ac_access_point>>-
cpe:2.3:h:cisco:business_240ac_access_point:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-306Primarynvd@nist.gov
CWE-288Secondaryykramarz@cisco.com
CWE ID: CWE-306
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-288
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZykramarz@cisco.com
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-auth-bypass-ggnAfdZ
Source: ykramarz@cisco.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

110Records found
CVE-2021-33017
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.1||HIGH
EPSS-0.11% / 30.76%
||
7 Day CHG~0.00%
Published-27 Dec, 2021 | 18:48
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Philips IntelliBridge EC 40 and EC 80 Hub Authentication Bypass Using an Alternate Path or Channel

The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication.

Action-Not Available
Vendor-Philips
Product-intellibridge_ec80intellibridge_ec40intellibridge_ec40_firmwareintellibridge_ec80_firmwareIntelliBridge EC 40 HubIntelliBridge EC 80 Hub
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-25268
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-0.05% / 15.46%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 07:00
Updated-11 Jul, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated Configuration Access via Exposed API Endpoint

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3100charx_sec-3150charx_sec-3050_firmwarecharx_sec-3050charx_sec-3100_firmwarecharx_sec-3150_firmwarecharx_sec-3000_firmwarecharx_sec-3000CHARX SEC-3050CHARX SEC-3150CHARX SEC-3100CHARX SEC-3000
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-27255
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-6.3||MEDIUM
EPSS-1.67% / 81.33%
||
7 Day CHG~0.00%
Published-05 Mar, 2021 | 20:00
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the refresh_status.aspx endpoint. The issue results from a lack of authentication required to start a service on the server. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12360.

Action-Not Available
Vendor-NETGEAR, Inc.
Product-br500_firmwarerbk12rbk43sbr500ex6150v2_firmwarer8900_firmwarerbr40_firmwarerbk23_firmwarerbk14_firmwarerbk15_firmwareex6410ex6420_firmwareex7300v2_firmwarebr200_firmwareex6250_firmwarerbk53_firmwarexr500_firmwarexr700_firmwarerbk15xr450_firmwareex7300rbk12_firmwarerbs40rbs50y_firmwarer8900rbs40_firmwarer9000_firmwarerbr10rbs10_firmwarerbk43_firmwareex6410_firmwarerbs20rbs50_firmwarerbs50yr9000ex6400v2ex6100v2ex7700_firmwarer7800rbk23rbs10r7800_firmwareex6100v2_firmwarerbk20_firmwarexr450xr700ex6400rbk43s_firmwarerbk20ex6400_firmwarerbk14ex7300_firmwarerbk44_firmwarerbs20_firmwarebr200d7800rbk44ex6150v2ex8000rbk40ex7320_firmwarerbr20rbk40_firmwarerbk13xr500ex6400v2_firmwareex6420ex7300v2d7800_firmwarerbk43ex8000_firmwareex6250rbr10_firmwarerbr40rbs50rbr50_firmwarerbr50ex7700rbk13_firmwarelbr20rbr20_firmwareex7320rbk50rbk53lbr20_firmwarerbk50_firmwareR7800
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-20702
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-0.09% / 25.62%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 06:20
Updated-05 Aug, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Airoha Technology Corp.
Product-AB156x, AB157x, AB158x, AB159x series, AB1627
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2025-20700
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 06:19
Updated-05 Aug, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Airoha Technology Corp.
Product-AB156x, AB157x, AB158x, AB159x series, AB1627
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-3496
Matching Score-4
Assigner-Toshiba Corporation
ShareView Details
Matching Score-4
Assigner-Toshiba Corporation
CVSS Score-8.8||HIGH
EPSS-0.05% / 16.03%
||
7 Day CHG~0.00%
Published-14 Jun, 2024 | 04:13
Updated-19 Aug, 2024 | 12:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authentication Bypass Vulnerability

Attackers can bypass the web login authentication process to gain access to the printer's system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference URL.

Action-Not Available
Vendor-Toshiba Tec Corporationtoshibatec
Product-Toshiba Tec e-Studio multi-function peripheral (MFP)e-studio-3028-ae-studio-3525_ace-studio-4615_ace-studio-2525_ace-studio-2010-ace-studio-6525_acge-studio-3525_acge-studio-5528-ae-studio-2615-nce-studio-3015-nce-studio-3528-ae-studio-6528-ae-studio-3528-age-studio-6526-ace-studio-2518_ae-studio-4528-ae-studio-6525_ace-studio-7527-ace-studio-3018_ae-studio-2521_ace-studio-9029-ae-studio-400-ace-studio-2020_ace-studio-2520_nce-studio-2510-ace-studio-4528-age-studio-2610-ace-studio-3615-nce-studio-2618_ae-studio-7529-ae-studio-2110-ace-studio-6529-ae-studio-3025_ace-studio-2021_ace-studio-5115_ace-studio-3118_age-studio-5525_acge-studio-5015_ace-studio-3118_ae-studio-2018_ae-studio-4515_ace-studio-3115-nce-studio-3515-nce-studio-2528-ae-studio-2015-nce-studio-4525_ace-studio-2515-nce-studio-330-ace-studio-5525_ace-studio-6527-ac
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2024-31814
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.59%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 00:00
Updated-18 Mar, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login function.

Action-Not Available
Vendor-n/aTOTOLINK
Product-ex200_firmwareex200n/aex200_firmware
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2024-23783
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.24% / 46.78%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 10:02
Updated-25 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.

Action-Not Available
Vendor-sharpSHARP CORPORATION
Product-jh-rvb1_firmwarejh-rvb1jh-rv11_firmwarejh-rv11Energy Management Controller with Cloud Services
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-47130
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.7||HIGH
EPSS-0.10% / 28.83%
||
7 Day CHG+0.03%
Published-26 Sep, 2024 | 17:30
Updated-17 Oct, 2024 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing Authentication for Critical Function in goTenna Pro

The goTenna Pro App allows unauthenticated attackers to remotely update the local public keys used for P2P and group messages. It is advised to update your app to the current release for enhanced encryption protocols.

Action-Not Available
Vendor-gotennagoTennagotenna
Product-gotenna_proPropro_app
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-26637
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-8.8||HIGH
EPSS-0.93% / 75.19%
||
7 Day CHG~0.00%
Published-22 Jun, 2022 | 13:55
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SiHAS Improper Authentication vulnerability

There is no account authentication and permission check logic in the firmware and existing apps of SiHAS's SGW-300, ACM-300, GCM-300, so unauthorized users can remotely control the device.

Action-Not Available
Vendor-shinasysShina System Co.,Ltd
Product-sihas_sgw-300sihas_acm-300sihas_sgw-300_firmwaresihas_gcm-300sihas_gcm-300_firmwaresihas_acm-300_firmwareSiHAS firmwareSiHAS old app
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-862
Missing Authorization
CWE ID-CWE-306
Missing Authentication for Critical Function
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found