CISA known exploited database update #850

Merged (1 commit), Oct 29, 2023
5 changes: 3 additions & 2 deletions config/known_exploited_vulnerabilities.csv
Expand Up @@ -1018,6 +1018,7 @@
"CVE-2023-41763","Microsoft","Skype for Business","Microsoft Skype for Business Privilege Escalation Vulnerability","2023-10-10","Microsoft Skype for Business contains an unspecified vulnerability that allows for privilege escalation.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-10-31","Unknown","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-41763"
"CVE-2023-36563","Microsoft","WordPad","Microsoft WordPad Information Disclosure Vulnerability","2023-10-10","Microsoft WordPad contains an unspecified vulnerability that allows for information disclosure.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-10-31","Unknown","https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-36563"
"CVE-2023-44487","IETF","HTTP/2","HTTP/2 Rapid Reset Attack Vulnerability","2023-10-10","HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS).","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-10-31","Unknown","https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/"
"CVE-2023-20198","Cisco","IOS XE Web UI","Cisco IOS XE Web UI Privilege Escalation Vulnerability","2023-10-16","Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.","Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.","2023-10-20","Unknown","https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z"
"CVE-2023-20198","Cisco","IOS XE Web UI","Cisco IOS XE Web UI Privilege Escalation Vulnerability","2023-10-16","Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device.","Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.","2023-10-20","Unknown","https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-xe-dublin-17121/221128-software-fix-availability-for-cisco-ios.html"
"CVE-2023-4966","Citrix","NetScaler ADC and NetScaler Gateway","Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","2023-10-18","Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-08","Unknown","https://support.citrix.com/article/CTX579459/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20234966-and-cve20234967"
"CVE-2021-1435","Cisco","Cisco IOS XE Web UI","Cisco IOS XE Web UI Command Injection Vulnerability","2023-10-19","Cisco IOS XE contains a command injection vulnerability in the web user interface that could allow a remote, authenticated attacker to inject commands that can be executed as the root user.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-10-25","Unknown","https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/"
"CVE-2023-20273","Cisco","Cisco IOS XE Web UI","Cisco IOS XE Web UI Command Injection Vulnerability","2023-10-23","Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited to deploy the implant. CVE-2021-1435, previously associated with the exploitation events, is no longer believed to be related to this activity.","Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.","2023-10-27","Unknown","https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z"
"CVE-2023-5631","Roundcube","Webmail","Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","2023-10-26","Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that allows a remote attacker to run malicious JavaScript code.","Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","2023-11-16","Unknown","https://roundcube.net/news/2023/10/16/security-update-1.6.4-released, https://roundcube.net/news/2023/10/16/security-updates-1.5.5-and-1.4.15"
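Review bot: The final field of the last row (CVE-2023-5631, Roundcube) holds two URLs joined by ", " inside one quoted value, while every other row in this hunk has exactly one URL in that column. Anything that reads config/known_exploited_vulnerabilities.csv and treats the column as a single link will emit an invalid URL for this entry, so confirm the consumer splits the value on ", " before using it, and consider a test row with a multi-URL field so the case stays covered on future updates.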