CVE-2023-20198
Published Oct 16, 2023
Last updated 13 days ago
AI description
CVE-2023-20198 is a vulnerability found in the web UI feature of Cisco IOS XE Software. It involves improper path validation, which allows attackers to bypass Nginx filtering and access the webui_wsma_http web endpoint without authentication. This access enables execution of arbitrary Cisco IOS commands or configuration changes with Privilege 15. Exploitation of this vulnerability typically involves targeting two specific XML SOAP endpoints: cisco:wsma-exec for command execution and configuration changes, and cisco:wsma-config for tasks like adding new user accounts. Attackers were observed exploiting CVE-2023-20198 to gain initial access, create a local user account, and then leverage another vulnerability (CVE-2023-20273) to escalate privileges to root and install malware. Cisco IOS XE Software runs on various Cisco networking devices, including routers, switches, and wireless controllers.
- Description
- Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- allen-bradley_stratix_5200_firmware, allen-bradley_stratix_5800_firmware, ios_xe
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco IOS XE Web UI Privilege Escalation Vulnerability
- Exploit added on
- Oct 16, 2023
- Exploit action due
- Oct 20, 2023
- Required action
- Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
- psirt@cisco.com
- CWE-420
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
What is the critical vulnerability being exploited in the ongoing cyber attacks targeting unpatched Cisco IOS XE devices in Australia, linked to the implant known as BADCANDY? A) CVE-2021-34527 B) CVE-2023-20198 C) CVE-2022-12345 D) CVE-2023-10554
@cyb3rshi3ld
9 Nov 2025
402 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@Niatahsini
8 Nov 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[MàJ] Multiples vulnérabilités dans Cisco IOS XE (17 octobre 2023) — \[Mise à jour du 02 novembre 2023\] La version 17.3.8a est disponible. \[Mise à jour du 31 octobre 2023\] Les détails techniques de la vulnérabilité CVE-2023-20198 sont désormais disponibles publiquem
@RotateKeys
7 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨 Cisco IOS XE ALERT — BadCandy(CVE-2023-20198) 🧨 BadCandy web-shell attacks exploiting CVE-2023-20198 have been actively reported. Unpatched IOS XE devices are at risk of full compromise(attacker can obtain level-15/admin privileges and install a webshell). Immediate che
@CriminalIP_US
5 Nov 2025
884 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
🧨 Cisco IOS XE 긴급경고 — BadCandy (CVE-2023-20198) 🧨 CVE-2023-20198 취약점을 악용한 BadCandy 웹셸 공격이 활발히 보고되고 있습니다. 패치되지 않은 IOS XE 장치는 관리자 권한(레벨15) 탈취 및 웹셸 설치로 완전 장악될 위
@CriminalIP_KR
5 Nov 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨 Cisco IOS XE 緊急警告 — #BadCandy (CVE-2023-20198) 🧨 CVE-2023-20198 を悪用する BadCandy ウェブシェル攻撃が活発に報告されています。パッチ未適用の IOS XE https://t.co/663SPPs64L
@CriminalIP_JP
5 Nov 2025
148 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers just come back 453 #snaphack #Snapgod #buyingcontent #content #championsleaugue https://t.co/0XmBfaiMQz
@HarumLatief
4 Nov 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🇦🇺 Australia's ASD warns of 'BADCANDY' malware attacks on Cisco IOS XE devices. Hackers are exploiting critical flaw CVE-2023-20198 to take over routers. 150+ devices infected in October alone. #Cisco #CyberSecurity #BADCANDY #PatchNow 🔗 https://t.co/NoQYWhjISv
@NetSecIO
4 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Cisco IOS XE BADCANDY: Attackers Detect Implant Removal and Re-Exploit Immediately Australia's Signals Directorate warns BADCANDY operators watch you delete their implant—then immediately re-exploit CVE-2023-20198. What's clever: actors scan for unpatched IOS XE devi
@the_c_protocol
3 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Alertan de ataques contra equipos de Cisco IOS XE Se emitió una nueva advertencia sobre ataques activos contra equipos Cisco IOS XE que no han sido actualizados frente a la vulnerabilidad CVE-2023-20198 (CVSS 10.0). Es una falla que permite a un atacante remoto crear u
@CycuraMX
3 Nov 2025
3334 Impressions
18 Retweets
45 Likes
14 Bookmarks
0 Replies
0 Quotes
Australia's ASD warns of 400+ Cisco IOS XE devices compromised by BadCandy webshell malware due to CVE-2023-20198, allowing remote attackers to create admin accounts. Organizations should patch affected devices, follow vendor guidelines, and guard against state-sponsored actors
@bigmacd16684
3 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ASD warns of active BADCANDY implant attacks exploiting critical CVE-2023-20198 on unpatched Cisco IOS XE. Patch now! 🚨 https://t.co/jENfCa4rKF #Cisco #IOSXE #BADCANDY #CyberSecurity
@0xT3chn0m4nc3r
3 Nov 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Australian Signals Directorate (ASD) has issued an alert about a new wave of BADCANDY malware infections actively targeting unpatched Cisco IOS XE devices across Australia. These attacks are exploiting a critical vulnerability (CVE-2023-20198) rated 10.0 (maximum severity),
@FORTBRIDGE
3 Nov 2025
113 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ASD warns of active #BADCANDY attacks exploiting a critical #Cisco IOS XE flaw (CVE-2023-20198, CVSS 10.0). 🔗 Read full blog: https://t.co/EsDKtl0z4S #CyberSecurity #Cisco #VulnerabilityManagement
@vulert_official
3 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-20198 -Cisco IOS XE Web UI privilege escalation, mass-exploited in edge device botnets - CyberDudeBivash PostMortem Report Read the full report on - https://t.co/s833hzg8G5 https://t.co/YwInskbKj2
@Iambivash007
3 Nov 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@SNAPMEOHACKER
3 Nov 2025
436 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BADCANDY on Cisco IOS XE (CVE-2023-20198) is a nonpersistent web shell; reboot hides it but the flaw persists. Patch now to stop reexploitation; 400+ devices affected since July 2025. #CiscoSecurity https://t.co/2W9Ls13cWr
@velocityplugins
2 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@HarumLatief
2 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
2 Nov 2025
279 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad (RCE) CVE-2023-20198, CVSS 10.0, permite en remoto sin autenticacion, crear cuentas privilegiadas en los routers y switches Cisco IOS XE versiones 16.x y 17.x , con "Cisco IOS http config", habilitado! https://t.co/SxWby0Ct5u #hackingyseguridad https://t.co/Zc
@antonio_taboada
2 Nov 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨ASD warns of ongoing BADCANDY attacks exploiting Cisco IOS XE vuln CVE-2023-20198 (CVSS 10.0)! Remote, unauthenticated attackers can fully compromise unpatched devices - active exploitation in Australia. Patch immediately! More: https://t.co/YQnpr5B3ui Follow @kernel_panic69
@kernelpanicsec
2 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ASD alerts on ongoing BADCANDY attacks exploiting Cisco IOS XE CVE-2023-20198. Over 400 devices in Australia affected! Patch systems & limit public UI exposure to prevent re-infection. #CyberSecurity #Cisco #BADCANDY #Vulnerability #Infosec https://t.co/DWq5hMRoQo
@Thalix1537
2 Nov 2025
114 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BADCANDY on Cisco IOS XE uses CVE-2023-20198 to grant unauthenticated privilege 15. Rebooting won't fix it. Patch now, disable HTTP, lock ACLs. 150+ Aussie devices compromised. #Cybersecurity https://t.co/UOiXUNA1vt
@velocityplugins
2 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 هشدار امنیتی جدید از #ASD: بیش از ۴۰۰ دستگاه #Cisco IOS XE در استرالیا با بدافزار تازهای به نام BADCANDY آلوده شدهاند. این بدافزار از آسیبپذیری بحرانی CVE-2023-20198
@vulnerbyte
2 Nov 2025
85 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-25469 2 - CVE-2023-20198 3 - CVE-2023-40129 4 - CVE-2022-1388 5 - CVE-2022-26923 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
2 Nov 2025
113 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-20198 on Cisco IOS XE lets attackers create admin accounts via the web UI. BADCANDY is a low effort non persistent shell; reboot clears it but the CVE remains. Patch now #CyberSecurity https://t.co/qAuuUvjm7o
@velocityplugins
2 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
2 Nov 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
オーストラリア信号局(ASD)による、CISCO IOS XEの脆弱性(CVE-2023-20198)を悪用したBADCANDYと呼ばれるバックドアに関する注意喚起。 Don’t take BADCANDY from strangers – How your devices could be implanted and what to do about it |
@ntsuji
2 Nov 2025
17585 Impressions
3 Retweets
18 Likes
7 Bookmarks
0 Replies
1 Quote
Actively exploited CVE : CVE-2023-20198
@transilienceai
2 Nov 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Threat actors are exploiting CVE-2023-20198 in Cisco IOS XE devices to install the ‘BADCANDY’ implant. Variations of BADCANDY have been observed since October 2023, with renewed activity seen throughout 2024 and 2025 https://t.co/AJ3OwTj4D6
@marty1968558
2 Nov 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Australia's ASD warns of ongoing attacks exploiting CVE-2023-20198 on unpatched Cisco IOS XE devices, allowing BadCandy webshell installation and admin takeover; over 400 devices compromised since July 2025. #CyberSecurity #Cisco https://t.co/aQMcX83RGG
@Cyber_O51NT
2 Nov 2025
1571 Impressions
7 Retweets
15 Likes
4 Bookmarks
0 Replies
0 Quotes
🚨 Cyber News Roundup Nov 1: ASD flags BADCANDY attacks on Cisco IOS XE (CVE-2023-20198). CISA warns of exploited Linux kernel UAF vuln for ransomware. Akira claims 23GB Apache OpenOffice breach. Hackers smuggle AI agent sessions & loot via WSUS flaw. More: https://t.co
@arnav_sharma
1 Nov 2025
118 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Alvo Cisco IOS XE na Austrália: Ataques exploram falha crítica CVE-2023-20198 para instalar malware BADCANDY, infectando 400 dispositivos desde 2025; especialistas alertam para aplicação imediata de patches e medidas de segurança. https://t.co/L41bzUZDcE
@caveiratech
1 Nov 2025
7 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
China-linked threat actors are actively exploiting vulnerability (CVE-2023-20198) in unpatched Cisco IOS XE devices, enabling remote, unauthenticated attackers to seize control of systems and breach telecommunications providers. This puts hundreds of Australian devices at risk of
@cybernewslive
1 Nov 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sweet & savory CVE-2023-20198 exploit resurrected to spread "low equity Lua-based web shell" BADCANDY; Salt Typhoon observed targeting vulnerable Cisco IOS XE devices https://t.co/IS7UUvho3u https://t.co/Zgjtzs0RWF
@cyber_megan
1 Nov 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
1 Nov 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
1 Nov 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ASD reports ongoing attacks exploiting CVE-2023-20198 in unpatched Cisco IOS XE devices using the BADCANDY implant. Over 400 devices compromised, linked to Chinese group Salt Typhoon. #CiscoIOSXE #BADCANDY #Australia https://t.co/mXYbSuwHO2
@TweetThreatNews
1 Nov 2025
121 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
1 Nov 2025
35 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أصدرت إدارة الإشارات الأسترالية (ASD) تحذيراً بشأن هجمات إلكترونية مستمرة تستهدف أجهزة Cisco IOS XE غير المحدثة باستخدام برمجية BADCANDY. الهجمات تستغل ثغرة حرجة
@Cybercachear
1 Nov 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphack_2
1 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@Niatahsini
1 Nov 2025
10 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@NikiKhot20
1 Nov 2025
174 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@silentwolf12347
1 Nov 2025
240 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ASD Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability ASD confirms BADCANDY malware re-infecting patched Cisco IOS XE devices through CVE-2023-20198 flaw. https://t.co/E1P5HJTPCC https://t.co/9CjNxanu6P
@RickSpairDX
1 Nov 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers just come back. Watch for fake cisco_sys_manager accounts ↓ https://t.co/zYEoMflKzg
@TheHackersNews
1 Nov 2025
19401 Impressions
58 Retweets
128 Likes
34 Bookmarks
4 Replies
5 Quotes
Ongoing cyberattacks against unpatched Cisco IOS XE devices in the country to infect routers with the BadCandy webshell. CVE-2023-20198, a max-severity flaw that allows remote unauthenticated threat actors to create a local admin user. https://t.co/XydOhWENwY https://t.co/YbHs0Hw
@riskigy
31 Oct 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A45C356A-6A37-4DB6-8D25-546B364076D5",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "11AA4EEB-01CC-4D7D-BED0-26D208667FB4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5800_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57E85D08-12AA-4EC4-946A-3F0614F2E45E",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "832EFFE6-1C38-47B9-95F1-F3FBC785FA27"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C8A350D-6C3A-430F-9763-5D167C5CEAE5",
"versionEndExcluding": "16.12.10a",
"versionStartIncluding": "16.12"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEA2169A-BE52-48B4-8967-D99A4BCAFF58",
"versionEndExcluding": "17.3.8a",
"versionStartIncluding": "17.3"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "281561C8-E24D-4AC1-B1F8-1D32171B9A2F",
"versionEndExcluding": "17.6.6a",
"versionStartIncluding": "17.6"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B628DA7F-32AA-459B-95A6-AF3BFC0E765C",
"versionEndExcluding": "17.9.4a",
"versionStartIncluding": "17.9"
}
],
"operator": "OR"
}
]
}
]