Details of VAR-202011-1014

ID

VAR-202011-1014

CVE

CVE-2020-3367

TITLE

Cisco Secure Web Appliance for Cisco AsyncOS In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-013780

DESCRIPTION

A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the web interface and CLI. An attacker could exploit this vulnerability by authenticating to the affected device and injecting scripting commands in the scope of the log subscription subsystem. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. Cisco AsyncOS is an operating system for Cisco devices developed by Cisco

Trust: 1.8

sources: NVD: CVE-2020-3367 // JVNDB: JVNDB-2020-013780 // VULHUB: VHN-181492 // VULMON: CVE-2020-3367

AFFECTED PRODUCTS

vendor:	cisco	model:	asyncos	scope:	lt	version:	11.7.2-011	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	12.5.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.5.1-011	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	12.0.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	gte	version:	11.8.0	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	12.0.2	Trust: 1.0
vendor:	cisco	model:	asyncos	scope:	lt	version:	11.8.2-009	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco asyncos	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-013780 // NVD: CVE-2020-3367

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3367
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3367
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2020-3367
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202011-1621
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181492
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-3367
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-3367
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-181492
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3367
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3367
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	3.4
version:	3.0
Trust: 1.0
NVD:	CVE-2020-3367
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181492 // VULMON: CVE-2020-3367 // JVNDB: JVNDB-2020-013780 // CNNVD: CNNVD-202011-1621 // NVD: CVE-2020-3367 // NVD: CVE-2020-3367

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.1
problemtype:	OS Command injection (CWE-78) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-181492 // JVNDB: JVNDB-2020-013780 // NVD: CVE-2020-3367

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-1621

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202011-1621

PATCH

title:	cisco-sa-wsa-prv-esc-nPzWZrQj	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-nPzWZrQj	Trust: 0.8
title:	Cisco AsyncOS Fixes for operating system command injection vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=135767	Trust: 0.6
title:	Cisco: Cisco Secure Web Appliance Privilege Escalation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-wsa-prv-esc-nPzWZrQj	Trust: 0.1
title:	-	url:	https://www.theregister.co.uk/2021/01/22/cisco_critical_vulnerabilities/	Trust: 0.1

sources: VULMON: CVE-2020-3367 // JVNDB: JVNDB-2020-013780 // CNNVD: CNNVD-202011-1621

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3367	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-013780	Trust: 0.8
db:	CNNVD	id:	CNNVD-202011-1621	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.4102	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4102.2	Trust: 0.6
db:	CNVD	id:	CNVD-2020-66207	Trust: 0.1
db:	VULHUB	id:	VHN-181492	Trust: 0.1
db:	VULMON	id:	CVE-2020-3367	Trust: 0.1

sources: VULHUB: VHN-181492 // VULMON: CVE-2020-3367 // JVNDB: JVNDB-2020-013780 // CNNVD: CNNVD-202011-1621 // NVD: CVE-2020-3367

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-wsa-prv-esc-npzwzrqj	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3367	Trust: 1.4
url:	https://vigilance.fr/vulnerability/cisco-secure-web-appliance-privilege-escalation-via-log-subscription-subsystem-33918	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4102.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4102/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/78.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-181492 // VULMON: CVE-2020-3367 // JVNDB: JVNDB-2020-013780 // CNNVD: CNNVD-202011-1621 // NVD: CVE-2020-3367

SOURCES

db:	VULHUB	id:	VHN-181492
db:	VULMON	id:	CVE-2020-3367
db:	JVNDB	id:	JVNDB-2020-013780
db:	CNNVD	id:	CNNVD-202011-1621
db:	NVD	id:	CVE-2020-3367

LAST UPDATE DATE

2024-11-23T23:11:15.023000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181492	date:	2020-12-02T00:00:00
db:	VULMON	id:	CVE-2020-3367	date:	2020-12-02T00:00:00
db:	JVNDB	id:	JVNDB-2020-013780	date:	2021-07-13T07:59:00
db:	CNNVD	id:	CNNVD-202011-1621	date:	2021-01-22T00:00:00
db:	NVD	id:	CVE-2020-3367	date:	2024-11-21T05:30:53.427

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181492	date:	2020-11-18T00:00:00
db:	VULMON	id:	CVE-2020-3367	date:	2020-11-18T00:00:00
db:	JVNDB	id:	JVNDB-2020-013780	date:	2021-07-13T00:00:00
db:	CNNVD	id:	CNNVD-202011-1621	date:	2020-11-18T00:00:00
db:	NVD	id:	CVE-2020-3367	date:	2020-11-18T18:15:12.480