CVE-2023-20198
Published Oct 16, 2023
Last updated 2 months ago
AI description
CVE-2023-20198 is a vulnerability found in the web UI feature of Cisco IOS XE Software. It involves improper path validation, which allows attackers to bypass Nginx filtering and access the webui_wsma_http web endpoint without authentication. This access enables execution of arbitrary Cisco IOS commands or configuration changes with Privilege 15. Exploitation of this vulnerability typically involves targeting two specific XML SOAP endpoints: cisco:wsma-exec for command execution and configuration changes, and cisco:wsma-config for tasks like adding new user accounts. Attackers were observed exploiting CVE-2023-20198 to gain initial access, create a local user account, and then leverage another vulnerability (CVE-2023-20273) to escalate privileges to root and install malware. Cisco IOS XE Software runs on various Cisco networking devices, including routers, switches, and wireless controllers.
- Description
- Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco IOS XE Web UI Privilege Escalation Vulnerability
- Exploit added on
- Oct 16, 2023
- Exploit action due
- Oct 20, 2023
- Required action
- Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
- psirt@cisco.com
- CWE-420
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
📌 Critical vulnerability (CVE-2023-20198) found in Cisco IOS XE. Unauthenticated attackers can execute code remotely. Update immediately. #CyberSecurity #Cisco https://t.co/Feg5LUauwI https://t.co/Z0PjZBtAOC
@CyberHub_blog
5 Jul 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Alert: China-linked Salt Typhoon exploited a critical Cisco vulnerability (CVE-2023-20198) to breach a Canadian telecom in February 2025, reported June 24, 2025. Threat: Using GRE tunnels, they stole configuration files and may target beyond telecoms, risking logistics
@tony3266
26 Jun 2025
92 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 هجوم سيبراني صيني يستهدف قطاع الاتصالات الكندي عبر ثغرة خطيرة في أنظمة @Cisco مجموعة Salt Typhoon المدعومة من الصين استغلت ثغرة CVE-2023-20198 (خطورة 10/10) لاختراق 3 أج
@cyberscastx
26 Jun 2025
862 Impressions
0 Retweets
7 Likes
1 Bookmark
1 Reply
0 Quotes
Salt Typhoon Exploits Cisco Flaw to Hack Telecom Firm – Canada Confirms Canada’s cybersecurity agency has confirmed that Chinese state-backed group Salt Typhoon exploited a critical vulnerability in Cisco IOS XE (CVE-2023-20198) to breach telecom infrastructure. The attack
@ChbibAnas
25 Jun 2025
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-20198: Cisco IOS XE Authentication Bypass RCE https://t.co/LyRYBCuuVv
@freedomhack101
25 Jun 2025
112 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Aduh, kebobolan lagi! Hacker China (Salt Typhoon) berhasil jebol telecom Kanada pakai celah Cisco CVE-2023-20198 yang udah dipatch sejak Oktober 2023. Tiga perangkat jaringan kena hack di Februari 2025. Padahal patchnya udah lama ada. source : arstechnica #arxidmedia https://t.co
@arxidmedia
25 Jun 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Canadian Centre for Cyber Security reports that the state-sponsored 'Salt Typhoon' hacking group targeted Canadian telecom firms in February 2025, exploiting CVE-2023-20198, compromising devices, and modifying configuration files for traffic collection. #Security https://t.co
@Strivehawk
25 Jun 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-20198 #Cisco IOS XE Authentication Bypass #RCE https://t.co/FFpKqitWP9
@minacrissDev_
24 Jun 2025
2941 Impressions
9 Retweets
30 Likes
13 Bookmarks
0 Replies
0 Quotes
Canadian telecom companies are recent victims of an attack by China's #SaltTyphoon APT group leveraging CVE-2023-20198, a vulnerability disclosed in Oct '23. The breaches reveal a dangerous blind spot in how we secure critical network infrastructure. Blog: https://t.co/KGfV0wxTNn
@eclypsium
24 Jun 2025
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
China-linked #Salt_Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom Canada says Salt Typhoon hacked telecom firm via Cisco flaw(CVE-2023-20198) https://t.co/xks8Xtu0fg https://t.co/aOHbODNa9W
@freedomhack101
24 Jun 2025
102 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Recent cyber espionage includes Russian APT28 targeting Ukraine with cloud API backdoors and Chinese Salt Typhoon exploiting CVE-2023-20198 to attack Canadian telecoms. Ransomware hits Disneyland Paris & Michigan healthcare. 🚨 #Russia #Canada https://t.co/ThwU7Kyt1q
@TweetThreatNews
24 Jun 2025
364 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Shodan Dork para CVE-2023-20198: "http.html_hash:1076109428" escalado de privilegios en la interfaz de usuario web (IU) de Cisco IOS XE (CVE-2023-20198 gravedad 10.0) en routers y switches Cisco, incluyendo serie ASR 1000 #hackingyseguridad https://t.co/YufF5nhc2d
@antonio_taboada
24 Jun 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 China-linked Salt Typhoon exploits critical Cisco flaw (CVE-2023-20198) to breach Canadian telecom—GRE tunnels used for espionage. 🔗 Read more:https://t.co/F5vFQIjojY #CyberSecurity #Cisco #Fortinet #ChinaHackers #Infosec #TechNews https://t.co/mttNe6kLgr
@techpio_team
24 Jun 2025
58 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🧵1/ 🚨 BREAKING: China-Linked APT Group “Salt Typhoon” Hacks Canadian Telecom via Cisco Zero-Day A new joint advisory by 🇨🇦Canada & 🇺🇸FBI reveals a Chinese espionage campaign exploiting Cisco IOS XE (CVE-2023-20198) to steal telecom data. Here’s what w
@cybrhoodsentinl
24 Jun 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
24/06/2025 China-linked Salt Typhoon exploits critical Cisco vulnerability CVE-2023-20198 (CVSS 10.0) to breach Canadian telecoms in a major cyber espionage campaign. ⚠️ Stay alert and patch immediately! Source: https://t.co/4UHsOKQlBw
@kernyx64
24 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أصدر المركز الكندي للأمن السيبراني ومكتب التحقيقات الفيدرالي تحذيرًا من هجمات سيبرانية مرتبطة بمجموعة "Salt Typhoon" الصينية تستهدف مزودي الاتصالات العالم
@Cybercachear
24 Jun 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
カナダの通信会社がSalt TyphoonにハッキングされたCVE-2023-20198の脆弱性 https://t.co/Hl72PCvPQ4 #Security #セキュリティ #ニュース
@SecureShield_
24 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Canadian Centre for Cyber Security and the FBI report that the Chinese state-sponsored group 'Salt Typhoon' hacked a Canadian telecom provider in February 2025 by exploiting the CVE-2023-20198 Cisco IOS XE vulnerability. https://t.co/GKAjZOeN8g
@securityRSS
23 Jun 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
カナダの電気通信事業者への中国Salt Typhoonによる侵入はシスコ社機器の脆弱性によるものだと、カナダサイバーセキュリティセンター。2025年2月のインシデントで、未パッチだったCVE-2023-20198が使用された。GRE
@__kokumoto
23 Jun 2025
1494 Impressions
6 Retweets
18 Likes
4 Bookmarks
0 Replies
0 Quotes
Salt Typhoon exploited CVE-2023-20198 to breach Canadian telecoms in Feb 2025, enabling remote device control & traffic interception. Ongoing threats highlight the need for robust network defenses. 🇨🇦 #NetworkSecurity #CiscoVuln #Canada https://t.co/raM71URT4F
@TweetThreatNews
23 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chinese threat group Salt Typhoon targeted Canadian telecoms, exploiting CVE-2023-20198 to steal call records and sensitive data. Vigilance needed as national security risks grow. 🇨🇦 #SaltTyphoon #Telecom #CyberAttack https://t.co/jp0DGnkiKg
@TweetThreatNews
23 Jun 2025
114 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Case study ofidentifying the technical details of previously-unknown Cisco iOS XE command-injection vulnerability (what ended up becoming CVE-2023-20198) in Oct '23, and we brought the receipts. Excited to find even more 0days and Ndays in the wild this year.
@minacrissDev_
6 Jun 2025
698 Impressions
1 Retweet
3 Likes
3 Bookmarks
0 Replies
0 Quotes
Case study of @GreyNoiseIO identifying the technical details of previously-unknown Cisco iOS XE command-injection vulnerability (what ended up becoming CVE-2023-20198) in Oct '23, and we brought the receipts. Excited to find even more 0days and Ndays in the wild this year. https
@minacrissDev_
14 May 2025
1416 Impressions
1 Retweet
8 Likes
2 Bookmarks
4 Replies
0 Quotes
🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit: https://t.co/wwu3ocZy65 https://t.co/kBh9qxP3lw
@DarkWebInformer
6 May 2025
12277 Impressions
41 Retweets
167 Likes
109 Bookmarks
1 Reply
0 Quotes
Question 2 - Amelia Larson (refresh for new alias) An extremely advanced infiltration codenamed "Salt Typhoon" referencing CVE-2018-0171 and CVE-2023-20198 is threatening Canada's security. This question is far more difficult than previous ones, with three distinct part @NSAGov
@EnigmaTyphoon
31 Mar 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
amphetamine is not prescribed in china at most you get 15mg concerta per day; so you guys still got CVE-2018-0171 and CVE-2023-20198 and didn't know how to patch huh? @NSAGov spanking H1B spanking ... the systemic problems remain
@EnigmaTyphoon
30 Mar 2025
103 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
naive same in same out diff reinforced prompt; Fully implement all parts of problem 2: you are analyst whomever and your job is to help prevent Canada from being vulnerable to CVE-2023-20198 and CVE-2023-20273 which are the two zero day exploits behind the "Salt Typhoon" https://
@EnigmaTyphoon
27 Mar 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ok @JustinTrudeau For problem 1, you are insert randomly distributed Canadian name by gender and language spoken, dynamically random, you are analyst whomever and your job is to help prevent Canada from being vulnerable to CVE-2023-20198 and CVE-2023-20273 which are the two zero
@EnigmaTyphoon
27 Mar 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Vulnerability Exploitation My research indicates that the Salt Typhoon hacking group has been actively exploiting vulnerabilities, specifically CVE-2023-20198 and CVE-2023-20273, in Cisco IOS XE software. These exploits have been used to target telecom providers globally,
@EnigmaTyphoon
27 Mar 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-20198 and CVE-2023-20273.
@EnigmaTyphoon
27 Mar 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
3 Mar 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A kínai hekkerek újabb amerikai távközlési szolgáltatókat támadtak meg nem frissített Cisco routereken keresztül Egyre komolyabb a fenyegetés, amit a Cisco sebezhetőségei okoznak a globális távközlési szektorban. Cisco routerek Salt Typhoon kiberháború CVE-2023-20198 CVE-…
@linuxmint_hun
1 Mar 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recorded Future社がCisco IOS XEのCVE-2023-20198を悪用してSalt Typhoonの攻撃が行われたことを報告(ただCisco社公式では未確認)したり、GreyNoise社が活発な攻撃を観測したりということで久しぶりに調査。Shodanで43750台を特定し39676台は現在も公開中で内55%の21714台は脆弱な可能性ありです。 https://t.co/ZkVV8fAiZU
@nekono_naha
26 Feb 2025
2226 Impressions
4 Retweets
21 Likes
11 Bookmarks
0 Replies
1 Quote
🚨 Ongoing attacks linked to the Salt Typhoon group exploit Cisco vulnerabilities CVE-2018-0171 and CVE-2023-20198, targeting telecom sectors. Significant breaches reported. #CiscoSecurity #China #VulnerabilityExploitation link: https://t.co/T2RU9MUNaZ https://t.co/RW7WZeshHE
@TweetThreatNews
26 Feb 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
シスコ社ネットワーク機器の脆弱性CVE-2023-20198を110のIPアドレスが積極的に攻撃している。GreyNoise社報告。中国のSalt Typhoon集団による大手電気通信事業者へのハッキングと関連しており、CVE-2018-0171の悪用も見られる。 https://t.co/LRya8zN4EO
@__kokumoto
25 Feb 2025
720 Impressions
0 Retweets
5 Likes
6 Bookmarks
0 Replies
0 Quotes
Cisco機器を標的とした攻撃が活発化し、国家支援グループを含む攻撃者が未修正の脆弱性を悪用。 CVE-2023-20198(特権昇格, CVSS 10.0)は110の悪意あるIP(ブルガリア38%、ブラジル27%、シンガポール19%)から攻撃され、攻撃件数は2024年10月以降3倍に増加。 また、7年前のCVE-2018-0171(Smart… https://t.co/PW34ciL9Ne
@yousukezan
25 Feb 2025
2275 Impressions
2 Retweets
24 Likes
8 Bookmarks
0 Replies
0 Quotes
🚨 Exploitation: Salt Typhoon-Linked CVEs 🚨 🔹 CVE-2023-20198 – 110+ IPs (🇧🇬🇧🇷🇸🇬) 🔹 CVE-2018-0171 – Attempts from 🇨🇭🇺🇸https://t.co/4XtqUm2Pds #salttyphoon #cve
@GreyNoiseIO
24 Feb 2025
1007 Impressions
2 Retweets
8 Likes
5 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
22 Feb 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
19 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🔒 Cyber Alert: Chinese hackers (Salt Typhoon) breached 1,000+ Cisco routers via CVE-2023-20198 & CVE-2023-20273. Targets: U.S. gov, law enforcement, telecoms. Patch IOS XE now! Disable public admin access. Full report: https://t.co/wuzeZ1NBQ6 #CyberSecurity #Cisco
@BeaconPulseLtd
18 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
RedMike is exploiting CVE-2023-20198 & CVE-2023-20273 to target 1,000+ Cisco devices in a global espionage campaign. More details: 🔗 https://t.co/BXKNfGoZyw #CyberSecurity #ThreatIntelligence
@adriananglin
18 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chinese Hackers Breach U.S. Telecoms via Unpatched Cisco Routers! Salt Typhoon exploits Cisco IOS XE flaws (CVE-2023-20198, CVE-2023-20273) to infiltrate U.S. telecoms, government networks, & law enforcement wiretaps! Over 1,000 devices targeted globally! 🌍 Patch immediate
@dCypherIO
17 Feb 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
17 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
16 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2023-20198
@transilienceai
15 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Another telecom breach via unpatched Cisco routers, with China’s Salt Typhoon hackers still exploiting CVE-2023-20198 and CVE-2023-20273. If you're running Cisco IOS XE, patch NOW or risk being the next victim. #CyberSecurity #ZeroDay #NetworkSecurity #DataBreach #PatchNow https:
@robbebel
14 Feb 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
El grupo cibercriminal Salt Typhoon hackeó a proveedores de telecomunicaciones estadounidenses a través de dispositivos de red Cisco IOS XE sin parches, explotado las vulnerabilidades CVE-2023-20198 y CVE-2023-20273. 🧉 https://t.co/Eg3aC2FzbN
@MarquisioX
14 Feb 2025
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Salt Typhoon sfrutta vulnerabilità nei dispositivi Cisco Sicurezza Informatica, cisco, CVE-2023-20198, cyber spionaggio, evidenza, guerra cibernetica, RedMike, Salt Typhoon, sanzioni, telecomunicazioni, USA, vulnerabilità https://t.co/facOxtlHtQ https://t.co/sSQbNCmWWq
@matricedigitale
14 Feb 2025
29 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Insikt Group reported that the Chinese state-sponsored group RedMike exploited unpatched Cisco devices in global telecoms, using vulnerabilities CVE-2023-20198 and CVE-2023-20273 for persistent access and data exfiltration. #Cybersecurity https://t.co/nDqfmnKj4y
@Cyber_O51NT
13 Feb 2025
151 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-20356: https://t.co/b3SJunTBHe 2. "Randar" Minecraft Exploit: Explanation and Information https://t.co/1SZ69aiDJH 3. CVE-2023-20198: Cisco IOS XE Privilege Escalation https://t.co/KibbxvO9gJ
@ksg93rd
23 Nov 2024
136 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A45C356A-6A37-4DB6-8D25-546B364076D5",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "11AA4EEB-01CC-4D7D-BED0-26D208667FB4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5800_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57E85D08-12AA-4EC4-946A-3F0614F2E45E",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "832EFFE6-1C38-47B9-95F1-F3FBC785FA27"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C8A350D-6C3A-430F-9763-5D167C5CEAE5",
"versionEndExcluding": "16.12.10a",
"versionStartIncluding": "16.12"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEA2169A-BE52-48B4-8967-D99A4BCAFF58",
"versionEndExcluding": "17.3.8a",
"versionStartIncluding": "17.3"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "281561C8-E24D-4AC1-B1F8-1D32171B9A2F",
"versionEndExcluding": "17.6.6a",
"versionStartIncluding": "17.6"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B628DA7F-32AA-459B-95A6-AF3BFC0E765C",
"versionEndExcluding": "17.9.4a",
"versionStartIncluding": "17.9"
}
],
"operator": "OR"
}
]
}
]