CVE-2023-20198
Published Oct 16, 2023
Last updated a month ago
AI description
CVE-2023-20198 is a vulnerability found in the web UI feature of Cisco IOS XE Software. It involves improper path validation, which allows attackers to bypass Nginx filtering and access the webui_wsma_http web endpoint without authentication. This access enables execution of arbitrary Cisco IOS commands or configuration changes with Privilege 15. Exploitation of this vulnerability typically involves targeting two specific XML SOAP endpoints: cisco:wsma-exec for command execution and configuration changes, and cisco:wsma-config for tasks like adding new user accounts. Attackers were observed exploiting CVE-2023-20198 to gain initial access, create a local user account, and then leverage another vulnerability (CVE-2023-20273) to escalate privileges to root and install malware. Cisco IOS XE Software runs on various Cisco networking devices, including routers, switches, and wireless controllers.
- Description
- Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- allen-bradley_stratix_5200_firmware, allen-bradley_stratix_5800_firmware, ios_xe
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco IOS XE Web UI Privilege Escalation Vulnerability
- Exploit added on
- Oct 16, 2023
- Exploit action due
- Oct 20, 2023
- Required action
- Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.
- psirt@cisco.com
- CWE-420
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@SNAPHACKER33
23 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@FalidinX
22 Nov 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@ethicasnaphack
22 Nov 2025
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@4Gsnaphack
22 Nov 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@SNAPHACKER33
22 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@Kelvinpoul1z
22 Nov 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hacker jus
@snappyhack21
22 Nov 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snapmyeyeonly
22 Nov 2025
92 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/SlBLQFVcp9
@ELONCEO407
22 Nov 2025
20 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@SNAPHACKSINC
22 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@ETHICALSNAP
21 Nov 2025
2 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphackinc
19 Nov 2025
88 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snap_hack_4
17 Nov 2025
20 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/89uaQd4Lva
@yurikaue_
16 Nov 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/g299BaPMB6
@yurikaue_
16 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/jZ9KDjWBMv
@Kelvinpoul1z
15 Nov 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/kBK1HRczuc
@Kelvinpoul1z
15 Nov 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/gAH0eXLfWH
@Kelvinpoul1z
15 Nov 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/qHYIkerhqI
@Kelvinpoul1z
15 Nov 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/BxveFC7BqP
@Kelvinpoul1z
15 Nov 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/T5SM8MKcvz
@Kelvinpoul1z
15 Nov 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/bqdrdCjZog
@conradcypher
15 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/VIrlW78pS4
@IsaacMaricevich
14 Nov 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/bCrcIy2VfH
@Luana20887920
14 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/0HSAv212GQ
@conradcypher
14 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/DTdjP6xOfd
@snapmyeyeonly
14 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/1EtvsrNyfD
@IsaacMaricevich
14 Nov 2025
139 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/2oBcxuc8sf
@EngHussien1409
14 Nov 2025
184 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/uExgVKhcgr
@IsaacMaricevich
14 Nov 2025
134 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. https://t.co/AN4N4ck6u0
@IsaacMaricevich
14 Nov 2025
123 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔥 BadCandy is BACK — Cisco IOS XE Web UI (CVE-2023-20198) Under Active Exploitation 🔥 On Nov 1, Australia’s ASD confirmed new attacks using the BadCandy web shell, abusing the old but CVSS 10.0 Cisco IOS XE Web UI flaw. ➡️ Attackers can create privilege-15
@CriminalIP_US
13 Nov 2025
302 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 BadCandy 재등장 — Cisco IOS XE Web UI( CVE-2023-20198 ) 악용 재확산 11월 1일, 호주 ASD가 BadCandy 웹셸이 다시 발견되었다고 경고했습니다. 공격자는 CVSS 10.0의 오래된 Cisco IOS XE Web UI 취약점을 악용해 Privilege 15 관리자 계
@CriminalIP_KR
13 Nov 2025
147 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
What is the critical vulnerability being exploited in the ongoing cyber attacks targeting unpatched Cisco IOS XE devices in Australia, linked to the implant known as BADCANDY? A) CVE-2021-34527 B) CVE-2023-20198 C) CVE-2022-12345 D) CVE-2023-10554
@cyb3rshi3ld
9 Nov 2025
402 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@Niatahsini
8 Nov 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨#snaphack #buyingcontent #monkeyapp #buysnaphack Pay before service only. $$ #snapchatleak ฿ 400+ Cisco routers hacked across Australia! A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers ju
@snaphacgod
7 Nov 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[MàJ] Multiples vulnérabilités dans Cisco IOS XE (17 octobre 2023) — \[Mise à jour du 02 novembre 2023\] La version 17.3.8a est disponible. \[Mise à jour du 31 octobre 2023\] Les détails techniques de la vulnérabilité CVE-2023-20198 sont désormais disponibles publiquem
@RotateKeys
7 Nov 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨 Cisco IOS XE ALERT — BadCandy(CVE-2023-20198) 🧨 BadCandy web-shell attacks exploiting CVE-2023-20198 have been actively reported. Unpatched IOS XE devices are at risk of full compromise(attacker can obtain level-15/admin privileges and install a webshell). Immediate che
@CriminalIP_US
5 Nov 2025
884 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
🧨 Cisco IOS XE 긴급경고 — BadCandy (CVE-2023-20198) 🧨 CVE-2023-20198 취약점을 악용한 BadCandy 웹셸 공격이 활발히 보고되고 있습니다. 패치되지 않은 IOS XE 장치는 관리자 권한(레벨15) 탈취 및 웹셸 설치로 완전 장악될 위
@CriminalIP_KR
5 Nov 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧨 Cisco IOS XE 緊急警告 — #BadCandy (CVE-2023-20198) 🧨 CVE-2023-20198 を悪用する BadCandy ウェブシェル攻撃が活発に報告されています。パッチ未適用の IOS XE https://t.co/663SPPs64L
@CriminalIP_JP
5 Nov 2025
148 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new implant called BADCANDY is exploiting CVE-2023-20198 — even after patches. Rebooting won’t help. Hackers just come back 453 #snaphack #Snapgod #buyingcontent #content #championsleaugue https://t.co/0XmBfaiMQz
@HarumLatief
4 Nov 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🇦🇺 Australia's ASD warns of 'BADCANDY' malware attacks on Cisco IOS XE devices. Hackers are exploiting critical flaw CVE-2023-20198 to take over routers. 150+ devices infected in October alone. #Cisco #CyberSecurity #BADCANDY #PatchNow 🔗 https://t.co/NoQYWhjISv
@NetSecIO
4 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Cisco IOS XE BADCANDY: Attackers Detect Implant Removal and Re-Exploit Immediately Australia's Signals Directorate warns BADCANDY operators watch you delete their implant—then immediately re-exploit CVE-2023-20198. What's clever: actors scan for unpatched IOS XE devi
@the_c_protocol
3 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Alertan de ataques contra equipos de Cisco IOS XE Se emitió una nueva advertencia sobre ataques activos contra equipos Cisco IOS XE que no han sido actualizados frente a la vulnerabilidad CVE-2023-20198 (CVSS 10.0). Es una falla que permite a un atacante remoto crear u
@CycuraMX
3 Nov 2025
3334 Impressions
18 Retweets
45 Likes
14 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5200_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A45C356A-6A37-4DB6-8D25-546B364076D5",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5200:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "11AA4EEB-01CC-4D7D-BED0-26D208667FB4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rockwellautomation:allen-bradley_stratix_5800_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57E85D08-12AA-4EC4-946A-3F0614F2E45E",
"versionEndExcluding": "17.12.02"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5800:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "832EFFE6-1C38-47B9-95F1-F3FBC785FA27"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C8A350D-6C3A-430F-9763-5D167C5CEAE5",
"versionEndExcluding": "16.12.10a",
"versionStartIncluding": "16.12"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEA2169A-BE52-48B4-8967-D99A4BCAFF58",
"versionEndExcluding": "17.3.8a",
"versionStartIncluding": "17.3"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "281561C8-E24D-4AC1-B1F8-1D32171B9A2F",
"versionEndExcluding": "17.6.6a",
"versionStartIncluding": "17.6"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B628DA7F-32AA-459B-95A6-AF3BFC0E765C",
"versionEndExcluding": "17.9.4a",
"versionStartIncluding": "17.9"
}
],
"operator": "OR"
}
]
}
]