Sign-up

ID

VAR-202006-1091


CVE

CVE-2020-3224


TITLE

Cisco IOS XE In software OS Command injection vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-006344

DESCRIPTION

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be executed. The vulnerability is due to insufficient input validation of specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific web UI endpoint on an affected device. A successful exploit could allow the attacker to inject IOS commands to the affected device, which could allow the attacker to alter the configuration of the device or cause a denial of service (DoS) condition. (DoS) It may be put into a state. Cisco IOS XE is an operating system developed by Cisco for its network equipment

Trust: 1.71

sources: NVD: CVE-2020-3224 // JVNDB: JVNDB-2020-006344 // VULHUB: VHN-181349

AFFECTED PRODUCTS

vendor:ciscomodel:ios xescope:eqversion:16.12.1y

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1c

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1a

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1s

Trust: 1.0

vendor:ciscomodel:ios xescope:eqversion:16.11.1b

Trust: 1.0

vendor:ciscomodel:ios xescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-006344 // NVD: CVE-2020-3224

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3224
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3224
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-006344
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202006-319
value: HIGH

Trust: 0.6

VULHUB: VHN-181349
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-3224
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-006344
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181349
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3224
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3224
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-006344
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181349 // JVNDB: JVNDB-2020-006344 // CNNVD: CNNVD-202006-319 // NVD: CVE-2020-3224 // NVD: CVE-2020-3224

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

problemtype:CWE-77

Trust: 1.0

sources: VULHUB: VHN-181349 // JVNDB: JVNDB-2020-006344 // NVD: CVE-2020-3224

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202006-319

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202006-319

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-006344

PATCH
title:cisco-sa-webui-cmdinj-zM283Zdwurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-zM283Zdw
Trust: 0.8
title:Cisco IOS XE Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121141
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2020-006344 // 
            
            
            
            CNNVD: CNNVD-202006-319

EXTERNAL IDS
db:NVDid:CVE-2020-3224
Trust: 2.5
db:JVNDBid:JVNDB-2020-006344
Trust: 0.8
db:CNNVDid:CNNVD-202006-319
Trust: 0.7
db:AUSCERTid:ESB-2020.1938
Trust: 0.6
db:NSFOCUSid:47191
Trust: 0.6
db:VULHUBid:VHN-181349
Trust: 0.1
sources:
            
            
            VULHUB: VHN-181349 // 
            
            
            
            JVNDB: JVNDB-2020-006344 // 
            
            
            
            CNNVD: CNNVD-202006-319 // 
            
            
            
            NVD: CVE-2020-3224

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webui-cmdinj-zm283zdw
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2020-3224
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3224
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.1938/
Trust: 0.6
url:http://www.nsfocus.net/vulndb/47191
Trust: 0.6
url:https://vigilance.fr/vulnerability/cisco-ios-xe-multiple-vulnerabilities-32421
Trust: 0.6
sources:
            
            
            VULHUB: VHN-181349 // 
            
            
            
            JVNDB: JVNDB-2020-006344 // 
            
            
            
            CNNVD: CNNVD-202006-319 // 
            
            
            
            NVD: CVE-2020-3224

SOURCES
db:VULHUBid:VHN-181349
db:JVNDBid:JVNDB-2020-006344
db:CNNVDid:CNNVD-202006-319
db:NVDid:CVE-2020-3224

LAST UPDATE DATE
2024-11-23T21:34:49.488000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-181349date:2020-06-10T00:00:00
db:JVNDBid:JVNDB-2020-006344date:2020-07-07T00:00:00
db:CNNVDid:CNNVD-202006-319date:2020-07-21T00:00:00
db:NVDid:CVE-2020-3224date:2024-11-21T05:30:35.970

SOURCES RELEASE DATE
db:VULHUBid:VHN-181349date:2020-06-03T00:00:00
db:JVNDBid:JVNDB-2020-006344date:2020-07-07T00:00:00
db:CNNVDid:CNNVD-202006-319date:2020-06-03T00:00:00
db:NVDid:CVE-2020-3224date:2020-06-03T18:15:20.463