Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Cisco IOS XE Web UI Authentication Bypass (CVE-2023-20198) - Vulnerability Database

Cisco IOS XE Web UI Authentication Bypass (CVE-2023-20198)

Description

The Cisco IOS XE Web UI has an authentication bypass vulnerability. An unauthenticated attacker can bypass the authentication with a specially crafted HTTP request and get full access to the system.

Remediation

Upgrade to the latest version of Cisco IOS XE

References

Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
Cisco IOS XE CVE-2023-20198: Deep Dive and POC

Related Vulnerabilities

Wing FTP Server RCE (CVE-2025-47812) Critical
Common tags: Authentication Bypass Known Vulnerabilities
URL rewrite vulnerability Medium
Common tags: Authentication Bypass Known Vulnerabilities
AppWeb Authentication Bypass (CVE-2018-8715) High
Common tags: Authentication Bypass Known Vulnerabilities
Apache OFBiz Authentication Bypass (CVE-2023-51467) Critical
Common tags: Authentication Bypass Known Vulnerabilities
Apache OFBiz RCE (CVE-2024-32113/CVE-2024-36104/CVE-2024-38856) Critical
Common tags: Authentication Bypass Known Vulnerabilities

Severity

Critical

Classification

CVE-2023-20198
CWE-287
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Tags

Authentication Bypass
Known Vulnerabilities