{"containers": {"cna": {"affected": [{"product": "Cisco IOS XE Software 16.1.1", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-24T17:52:58", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}], "source": {"advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr", "defect": [["CSCvs40364", "CSCvs40405"]], "discovery": "INTERNAL"}, "title": "Cisco IOS XE Software Web Management Framework Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-09-24T16:00:00", "ID": "CVE-2020-3475", "STATE": "PUBLIC", "TITLE": "Cisco IOS XE Software Web Management Framework Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS XE Software 16.1.1", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}]}, "source": {"advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr", "defect": [["CSCvs40364", "CSCvs40405"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:54.875Z"}, "title": "CVE Program Container", "references": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-13T17:23:17.017385Z", "id": "CVE-2020-3475", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T17:57:42.435Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3475", "datePublished": "2020-09-24T17:52:58.367771Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T17:57:42.435Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "Cisco IOS XE Software 16.1.1", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-24T17:52:58", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}], "source": {"advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr", "defect": [["CSCvs40364", "CSCvs40405"]], "discovery": "INTERNAL"}, "title": "Cisco IOS XE Software Web Management Framework Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-09-24T16:00:00", "ID": "CVE-2020-3475", "STATE": "PUBLIC", "TITLE": "Cisco IOS XE Software Web Management Framework Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco IOS XE Software 16.1.1", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "4.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}]}, "source": {"advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr", "defect": [["CSCvs40364", "CSCvs40405"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:54.875Z"}, "title": "CVE Program Container", "references": [{"name": "20200924 Cisco IOS XE Software Web Management Framework Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-3475", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-13T17:23:17.017385Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-13T17:27:05.323Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3475", "datePublished": "2020-09-24T17:52:58.367771Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T17:57:42.435Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6230A85-30D2-4934-A8A0-11499B7B09F8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*", "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "18736C74-F68F-4D0B-AE2B-4BC1834EF794", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*", "matchCriteriaId": "D223C2AB-22A4-42B5-8BBB-78E2CBF23B40", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDD3EAA2-8F25-4099-B76F-5ACC3BE34610", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE9BD57F-BDAC-46DD-AF87-8914B29670F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7E00A0B-A58E-472F-B107-0FE106751F2D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCB45406-5216-4A11-B8D3-C44639DC26B0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "215D01AE-3767-482A-85C5-3361506F0AC3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "A06E37A8-166F-4534-9089-D20B1227F4DD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9D6DAE3-BAD0-46D8-B899-45B955F532F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*", "matchCriteriaId": "327167E8-4B65-4F9D-8760-34CDA03887CA", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0DA2253-C6A9-4749-B313-6552628A96F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "C925086A-94B9-4FE0-9FEB-3242C1217453", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EB14B34-4035-41D2-834B-7FB069264207", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A46D298-1685-410E-879C-2EBC45C185AC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*", "matchCriteriaId": "196A7C06-8371-479D-973D-591DEB181739", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE42511E-9883-4779-A8E5-FC3E16EF2793", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB06AD21-91A7-46B8-8F44-683828A5422D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DA169AF-3743-4051-B63B-FF6E1ADCD886", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D13CF5B-4482-4C7D-8D6A-E220F3E4F868", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*", "matchCriteriaId": "92134C0A-4E5B-43EF-8439-484DF504C43C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*", "matchCriteriaId": "26ECF9BD-F632-4A02-8993-C0D44B91289C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "48730DB5-94AF-4BE7-8047-52B8B47CE35A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3A88142-3284-4C25-8774-36004B5F9087", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EB76311-4B6D-4897-A683-4244E92BD570", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDA2975-CDB7-4182-A03E-D34F15CDF6F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "35B9D0B5-4BE1-490E-9A68-00A3D357BC3D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "71FA2F5A-6146-4142-96A8-552118E4BB67", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*", "matchCriteriaId": "BEF786D6-F28F-49D8-A15C-BFD0AA934355", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*", "matchCriteriaId": "6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B2E41E2-00CE-42C4-8C91-9307D76F5D7A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*", "matchCriteriaId": "98CB2D23-B5F8-4FA9-8431-3B0124CE2140", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*", "matchCriteriaId": "53D13F1D-345D-45D5-9000-DAFE8A85D71B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CFB064E-E390-47B5-AA76-5D3D2E368055", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-12x48uq:-:*:*:*:*:*:*:*", "matchCriteriaId": "75310844-0DEA-4F0B-B9DB-AA55AA3EED17", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-12x48ur:-:*:*:*:*:*:*:*", "matchCriteriaId": "28D2AC87-9D6C-4E49-8923-F6B5C73B18F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-12x48uz:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0A51E5D-501F-4EDE-8566-A6C217D4C7C3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-24pd:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFB1635F-48C9-47A4-8284-953DFA0B1C89", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-24pdm:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE619CD8-98F9-4CAC-BFB7-EB4DD84040B9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-24ps:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE323F9B-C767-4B8E-82C2-1387F29444BC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-24td:-:*:*:*:*:*:*:*", "matchCriteriaId": "5124B311-935A-4267-B360-08C8F0BE8691", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-24ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "E92A4C9B-B5AA-4112-9136-D6E187057BE7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48fd:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E328765-1E27-4E50-9DE0-556D4A349151", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48fq:-:*:*:*:*:*:*:*", "matchCriteriaId": "A8528780-0254-4D21-8172-71BD01988608", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48fqm:-:*:*:*:*:*:*:*", "matchCriteriaId": "97203BEC-044F-4263-A4EA-536486BBEC6A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48fs:-:*:*:*:*:*:*:*", "matchCriteriaId": "C3AAB4D4-6986-4055-B68D-AA9E306DA5BD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48pd:-:*:*:*:*:*:*:*", "matchCriteriaId": "F821C98D-B8E3-44A9-8534-ACBDD4BEB5F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "733850D4-DD9D-40B8-BB7F-FF9C26818FAC", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48ps:-:*:*:*:*:*:*:*", "matchCriteriaId": "276373D2-CB95-43F8-A4C4-5A0E1B0046F7", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48td:-:*:*:*:*:*:*:*", "matchCriteriaId": "77599A2E-3149-4C7B-90A2-C95E4FAAC3E1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48tq:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A14F739-1643-4425-8C9E-4A7FB831F4B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-48ts:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E1D0F90-14C7-404F-9F75-9D9937E489D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3650-8x24uq:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCE19812-3A07-4561-BB1A-0B43C11F5FA3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA292FB5-7589-4E22-8AE1-CEE4E987CD9E", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-12s:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C0BCC2C-20D6-40EB-9334-C83FC5F69A93", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-12x48u:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F3EC00D-ACEA-49DE-A7A8-42CCA6569D2A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-12xs:-:*:*:*:*:*:*:*", "matchCriteriaId": "1341B21E-49E9-4219-B1B0-592B180D5D09", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EAF61B9-CE12-40E9-9DCE-D3411E74BBB3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1DB530A-74B9-43DA-B8E8-A761E6A159F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24t:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B8C8EA0-7767-4CC1-88BE-B678FAFD96C2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24u:-:*:*:*:*:*:*:*", "matchCriteriaId": "56929D47-3994-4008-87DA-F64AAB7EB12D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24xs:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C0CE864-1B46-4040-87F3-3CFE3517422C", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-24xu:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7EFF383-6194-41C0-A6FE-DBF17D43EDDD", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-48f:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA9254CA-6616-4743-B146-A120D97350A2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-48p:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D75A217-8CDF-40B5-BB48-D018FFC6BCBA", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-48t:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C1CD87D-3AAA-4474-8C90-26552FF5C90B", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-48u:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AE2EAFB-83D9-4517-9B17-3A6D3D846D9F", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:ws-c3850-48xs:-:*:*:*:*:*:*:*", "matchCriteriaId": "819E8E03-F31D-47BF-9725-6F352924F002", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en el framework de administraci\u00f3n web de Cisco IOS XE Software, podr\u00edan permitir a un atacante remoto autenticado con privilegios de solo lectura conseguir acceso de lectura no autorizado a datos confidenciales o causar que el software de administraci\u00f3n web se cuelgue o bloquee, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso."}], "id": "CVE-2020-3475", "lastModified": "2024-11-21T05:31:08.717", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-24T18:15:19.713", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}