CVE-2020-3219
Published: 2020-06-03
Priority P2 · 60 · high · 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 3.31% (87.0th percentile)
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.
Affected
94 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_ios_xe_software_16.1.1 | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
| cisco | ios_xe | — | — |
Detection & IOCs
- Exploit vector targets the Cisco IOS XE Web UI; monitor for crafted/anomalous HTTP input submitted to the web UI of IOS XE devices by authenticated users
- Successful exploitation results in OS-level command execution with administrative privileges; look for unexpected privileged process spawning from the IOS XE web server process
- Track Cisco internal Bug ID CSCvq32594 for patch and indicator updates related to this vulnerability
- Exploitation requires the attacker to be authenticated; unauthenticated access to the web UI alone is not sufficient to trigger this vulnerability
- No workarounds are available; the only remediation is applying Cisco-released software updates
- The vulnerability is classified under CWE-77 (Command Injection) and carries a CVSS score of 3.0 base; verify scoring context before prioritizing
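CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vendor_cisco | — | 8.8 | HIGH | — |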
CISA ICS
Rockwell Automation Stratix Devices Containing Cisco IOS
cisa_ics · 2022-10-27 · CVSS 7.7 · HIGH
Last Revised: October 27, 2022
Alert Code: ICSA-22-300-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Rockwell Automation
- Equipment: Stratix Devices
- Vulnerabilities: Incorrect Authorization, Improper Input Validation, Improper Check for Unusual or Exceptional Conditions, Interpretation Conflict, OS Command Injection, Improper Verification of Cryptographic Signature, Path Traversal
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could l
Cisco
Cisco IOS XE Software Web UI Command Injection Vulnerability
vendor_cisco · 2020-06-03 · CVSS 8.8 · HIGH · CWE-77 · CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.
The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.c
Cisco
Cisco IOS XE Software Web UI Command Injection Vulnerability
vendor_cisco · CVSS 3.0 · CVE-2020-3219
CVSS: 3.0
CWE: CWE-77
Bug IDs: CSCvq32594
GHSA
GHSA-2hc6-pjqv-vf75
ghsa_unreviewed · 2022-05-24 · HIGH · CWE-20 · CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.