ID

VAR-202006-1089


CVE

CVE-2020-3222


TITLE

Cisco IOS XE Software privilege management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-006194

DESCRIPTION

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoint of the web UI. An attacker could exploit this vulnerability by connecting to the proxy service. A successful exploit could allow the attacker to bypass access restrictions on the network by proxying their access request through the management network of the affected device. Because the proxy is reached over the management virtual routing and forwarding (VRF) instance, this could reduce the effectiveness of the bypass. Both CVSS vectors below rate the attack vector as adjacent (AV:A): the attacker needs a foothold on a network segment adjacent to the device, not arbitrary remote reachability. In JVNDB's classification, Cisco IOS XE Software contains a privilege management vulnerability (CWE-269) whose successful exploitation may allow information to be tampered with.

Trust: 1.71

sources: NVD: CVE-2020-3222 // JVNDB: JVNDB-2020-006194 // VULHUB: VHN-181347

AFFECTED PRODUCTS

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1b

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1c

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1d

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1e

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1f

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1g

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.10.2

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1b

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1c

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.11.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1a

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1c

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1s

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1t

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1w

Trust: 1.0

vendor: cisco, model: ios xe, scope: eq, version: 16.12.1y

Trust: 1.0

vendor: cisco, model: ios xe, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-006194 // NVD: CVE-2020-3222
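A triage helper, added here as an example and not part of this record or of Cisco's advisory: it takes the text of `show version` and `show running-config`, normalizes the release string to the CPE form used in the list above (IOS XE prints `16.12.01a`, the record lists `16.12.1a`), checks membership, and reports whether the web UI is listening. The HTTP-server check is an assumption drawn from the description placing the proxy endpoint in the web UI: a device with neither `ip http server` nor `ip http secure-server` configured is treated as not exposed. The sample outputs are constructed, and the version set is a snapshot of this record, not Cisco's authoritative affected-release data.

```python
import re

# Affected releases exactly as listed in this record's AFFECTED PRODUCTS
# section (NVD CPE data); a snapshot of the record, not Cisco's own list.
AFFECTED_VERSIONS = {
    "16.10.1", "16.10.1a", "16.10.1b", "16.10.1c", "16.10.1d", "16.10.1e",
    "16.10.1f", "16.10.1g", "16.10.1s", "16.10.2",
    "16.11.1", "16.11.1a", "16.11.1b", "16.11.1c", "16.11.1s",
    "16.12.1", "16.12.1a", "16.12.1c", "16.12.1s", "16.12.1t", "16.12.1w",
    "16.12.1y",
}

# 'show version' on IOS XE prints the release with zero-padded components,
# e.g. "Cisco IOS XE Software, Version 16.12.01a"; CPE data drops the padding.
VERSION_RE = re.compile(r"Cisco IOS XE Software, Version\s+(\S+)")
COMPONENT_RE = re.compile(r"(\d+)([a-z]*)")

# Assumption: the web UI (and so the proxy endpoint) only listens when one of
# these lines is present in the running config. "no ip http server" does not
# match because the line must begin with "ip".
HTTP_SERVER_RE = re.compile(r"^\s*ip http (secure-)?server\s*$", re.MULTILINE)


def normalize_version(raw: str) -> str:
    """Map '16.12.01a' to '16.12.1a' by stripping leading zeros per component."""
    parts = []
    for component in raw.split("."):
        m = COMPONENT_RE.fullmatch(component)
        if not m:
            raise ValueError(f"unexpected version component {component!r}")
        parts.append(f"{int(m.group(1))}{m.group(2)}")
    return ".".join(parts)


def parse_version(show_version: str) -> str:
    """Extract and normalize the IOS XE release from 'show version' output."""
    m = VERSION_RE.search(show_version)
    if not m:
        raise ValueError("no 'Cisco IOS XE Software, Version' line found")
    return normalize_version(m.group(1))


def web_ui_enabled(running_config: str) -> bool:
    """True when the HTTP or HTTPS server line is configured."""
    return HTTP_SERVER_RE.search(running_config) is not None


def assess(show_version: str, running_config: str) -> dict:
    """Combine release membership and web UI state into a triage verdict."""
    version = parse_version(show_version)
    affected = version in AFFECTED_VERSIONS
    web_ui = web_ui_enabled(running_config)
    return {
        "version": version,
        "affected_release": affected,
        "web_ui_enabled": web_ui,
        # Exposed only if both hold: an affected release with the web UI up.
        "exposed": affected and web_ui,
    }


# Constructed sample outputs (not captured from a real device).
SAMPLE_SHOW_VERSION_AFFECTED = """\
Cisco IOS XE Software, Version 16.12.01a
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.1a, RELEASE SOFTWARE (fc2)
"""
SAMPLE_SHOW_VERSION_OTHER = """\
Cisco IOS XE Software, Version 16.12.04
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.4, RELEASE SOFTWARE (fc5)
"""
SAMPLE_CONFIG_WEB_UI_ON = """\
hostname edge-sw1
!
ip http server
ip http secure-server
!
"""
SAMPLE_CONFIG_WEB_UI_OFF = """\
hostname edge-sw2
!
no ip http server
no ip http secure-server
!
"""

if __name__ == "__main__":
    for sv, cfg in [(SAMPLE_SHOW_VERSION_AFFECTED, SAMPLE_CONFIG_WEB_UI_ON),
                    (SAMPLE_SHOW_VERSION_AFFECTED, SAMPLE_CONFIG_WEB_UI_OFF),
                    (SAMPLE_SHOW_VERSION_OTHER, SAMPLE_CONFIG_WEB_UI_ON)]:
        print(assess(sv, cfg))
```

The normalization step is the part that bites in practice: a naive string compare of `show version` output against CPE data reports every zero-padded release as unaffected. A release absent from the set is reported as `affected_release: False` only with respect to this record; confirm against the Cisco advisory before closing the finding.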

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3222
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3222
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-006194
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202006-329
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181347
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-3222
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-006194
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181347
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:P/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3222
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3222
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-006194
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181347 // JVNDB: JVNDB-2020-006194 // CNNVD: CNNVD-202006-329 // NVD: CVE-2020-3222 // NVD: CVE-2020-3222

PROBLEMTYPE DATA

problemtype:CWE-17

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-269

Trust: 0.9

sources: VULHUB: VHN-181347 // JVNDB: JVNDB-2020-006194 // NVD: CVE-2020-3222

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202006-329

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202006-329

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-006194

PATCH

title: cisco-sa-webui-unauthprxy-KXXsbWh
url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-unauthprxy-KXXsbWh

Trust: 0.8

title: Cisco IOS XE Fixes for code issue vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120233

Trust: 0.6

sources: JVNDB: JVNDB-2020-006194 // CNNVD: CNNVD-202006-329

EXTERNAL IDS

db: NVD, id: CVE-2020-3222

Trust: 2.5

db: JVNDB, id: JVNDB-2020-006194

Trust: 0.8

db: CNNVD, id: CNNVD-202006-329

Trust: 0.7

db: AUSCERT, id: ESB-2020.1938

Trust: 0.6

db: VULHUB, id: VHN-181347

Trust: 0.1

sources: VULHUB: VHN-181347 // JVNDB: JVNDB-2020-006194 // CNNVD: CNNVD-202006-329 // NVD: CVE-2020-3222

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webui-unauthprxy-kxxsbwh

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-3222

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3222

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1938/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-ios-xe-multiple-vulnerabilities-32421

Trust: 0.6

sources: VULHUB: VHN-181347 // JVNDB: JVNDB-2020-006194 // CNNVD: CNNVD-202006-329 // NVD: CVE-2020-3222

SOURCES

db: VULHUB, id: VHN-181347
db: JVNDB, id: JVNDB-2020-006194
db: CNNVD, id: CNNVD-202006-329
db: NVD, id: CVE-2020-3222

LAST UPDATE DATE

2024-08-14T13:24:31.721000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-181347, date: 2021-09-22T00:00:00
db: JVNDB, id: JVNDB-2020-006194, date: 2020-07-03T00:00:00
db: CNNVD, id: CNNVD-202006-329, date: 2021-09-23T00:00:00
db: NVD, id: CVE-2020-3222, date: 2021-09-22T19:55:20.467

SOURCES RELEASE DATE

db: VULHUB, id: VHN-181347, date: 2020-06-03T00:00:00
db: JVNDB, id: JVNDB-2020-006194, date: 2020-07-03T00:00:00
db: CNNVD, id: CNNVD-202006-329, date: 2020-06-03T00:00:00
db: NVD, id: CVE-2020-3222, date: 2020-06-03T18:15:20.183