cbcvebase.
CVE-2020-3219
published 2020-06-03

CVE-2020-3219: A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with…

PriorityP260high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
3.31%
87.0th percentile
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.

Affected

94 ranges· showing 25
VendorProductVersion rangeFixed in
ciscocisco_ios_xe_software_16.1.1
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe
ciscoios_xe

Detection & IOCsextracted from sources · hover to see the quote

  • Exploit vector targets the Cisco IOS XE Web UI; monitor for crafted/anomalous HTTP input submitted to the web UI of IOS XE devices by authenticated users
  • Successful exploitation results in OS-level command execution with administrative privileges; look for unexpected privileged process spawning from the IOS XE web server process
  • Track Cisco internal Bug ID CSCvq32594 for patch and indicator updates related to this vulnerability
  • ·Exploitation requires the attacker to be authenticated; unauthenticated access to the web UI alone is not sufficient to trigger this vulnerability
  • ·No workarounds are available; the only remediation is applying Cisco-released software updates
  • ·The vulnerability is classified under CWE-77 (Command Injection) and carries a CVSS score of 3.0 base; verify scoring context before prioritizing

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_cisco8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.