CVE-2020-3586
Published 2020-11-18
Priority P268 · critical · CVSS 3.1 base score 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS 2.45% (82.3rd percentile)
A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web-based management application, which runs as a restricted user. This could result in changes being made to pages served by the web-based management application, impacting the integrity or availability of the web-based management application.
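The advisory names the weakness class (CWE-78, OS command injection via insufficiently validated input) but, as usual for Cisco appliance advisories, publishes no code. The following is an added illustration of that class and its fix, not Cisco's code and not the actual vulnerable handler: the `host` parameter, the handler shape and the use of `echo` as the invoked tool are hypothetical stand-ins, chosen so the block runs harmlessly offline.

```python
"""Generic CWE-78 pattern beside its hardened form.

Added example of the weakness class the advisory names; it is NOT Cisco's code
(the affected component's source is not public). The 'host' parameter, the
handler shape and the use of 'echo' as the invoked tool are hypothetical.
"""
import re
import subprocess
from urllib.parse import parse_qs

# Allowlist for the hypothetical host parameter: hostname characters only, and
# the first character must not be '-', so the value can never be read as an
# option. Argument injection is a separate problem from shell injection and
# survives dropping the shell, so the allowlist matters even with shell=False.
HOST_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$")


def _host_param(query: str) -> str:
    """Pull the 'host' parameter out of a raw query string (URL-decoded)."""
    return parse_qs(query, keep_blank_values=True).get("host", [""])[0]


def vulnerable_handler(query: str) -> str:
    """Vulnerable: request input is interpolated into a command line that a
    shell parses, so ';', '|', '$(...)' in the parameter become new commands."""
    cmd = f"echo resolving {_host_param(query)}"
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout


def hardened_handler(query: str) -> str:
    """Hardened: reject anything outside the allowlist, then pass an argv list
    with shell=False so the value is a single argument never seen by a shell."""
    host = _host_param(query)
    if not HOST_RE.fullmatch(host):
        raise ValueError(f"rejected host parameter: {host!r}")
    proc = subprocess.run(["echo", "resolving", host], shell=False,
                          capture_output=True, text=True)
    return proc.stdout


def is_rejected(query: str) -> bool:
    """True when the hardened handler refuses the request."""
    try:
        hardened_handler(query)
    except ValueError:
        return True
    return False


# Constructed request: the ';' is percent-encoded as an attacker would send it.
INJECTION_QUERY = "host=127.0.0.1%3Becho%20INJECTED"
BENIGN_QUERY = "host=example.com"

if __name__ == "__main__":
    print(vulnerable_handler(INJECTION_QUERY), end="")  # second line: INJECTED
    print("hardened rejects payload:", is_rejected(INJECTION_QUERY))
    print(hardened_handler(BENIGN_QUERY), end="")
```

The two handlers differ in exactly the two places that matter for this bug class: whether a shell ever parses the request value, and whether the value is validated against an allowlist before reaching the executable. Removing the shell alone leaves option injection (a value such as `-n`) on the table, which is why the regex also pins the first character.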
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_dna_spaces_connector | — | — |
| cisco | dna_spaces | <= 2.2 | — |
| cisco | dna_spaces_connector | — | — |
Detection & IOCs (extracted from sources)
- Watch requests to the Cisco DNA Spaces Connector web-based management interface for crafted input consistent with OS command injection (CWE-78), such as shell metacharacters in request parameters. A plain web access log records only the URL, so POST bodies need proxy or WAF logging to be visible.
- Monitor for unexpected OS command execution (a shell or interpreter) spawned by the Cisco DNA Spaces Connector web application process under its restricted user account; that is the signature of successful exploitation.
- Monitor for unauthorized modifications to pages served by the Cisco DNA Spaces Connector web-based management application as a post-exploitation indicator.
- Exploitation requires no credentials, so until the fix is applied the primary mitigation is network-level: expose the management interface only to trusted administrative networks.
- Cisco states there are no workarounds; installing the released software updates is the only remediation.
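The indicators above translate into two log-side checks plus a correlation step. The following is an added example, not code from any of the page's sources, run over constructed sample data. Its assumptions: the management UI lives under `/admin/` (hypothetical), administrators come from `10.10.0.0/24`, the web application runs as a restricted account named `dnaspaces`, and process-execution events arrive as JSON lines with `user`, `parent_exe`, `exe` and `argv` fields, as an auditd or EDR pipeline might emit. Every log line below is constructed.

```python
"""Detection logic for the listed indicators, over constructed sample logs.

Added example, not from the page's sources. Assumed: management UI under /admin/,
admin network 10.10.0.0/24, web app user 'dnaspaces', process events as JSON
lines with user/parent_exe/exe/argv. All sample data is constructed.
"""
import ipaddress
import json
import re
from datetime import datetime, timedelta, timezone
from urllib.parse import unquote_plus

ADMIN_NETS = [ipaddress.ip_network("10.10.0.0/24")]   # assumption
MGMT_PREFIX = "/admin/"                               # assumption
WEBAPP_USER = "dnaspaces"                             # assumption
INTERPRETERS = {"/bin/sh", "/bin/bash", "/bin/dash", "/usr/bin/python3", "/usr/bin/perl"}

# Common log format: client - - [ts] "METHOD path HTTP/x" status bytes
CLF_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
# Shell syntax with no business in a management-interface URL. A lone '&' is
# deliberately excluded because it separates ordinary query parameters.
META_RE = re.compile(r"[;|`\n]|&&|\$\(|\$\{")


def scan_access_log(text: str) -> list:
    """Flag management-interface requests from outside the admin networks, and
    requests whose decoded URL carries shell metacharacters. Only the URL is
    visible here; POST bodies need a proxy or WAF log."""
    alerts = []
    for line in text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue
        client, ts, method, path, status = m.groups()
        if not path.startswith(MGMT_PREFIX):
            continue
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        if not any(ipaddress.ip_address(client) in net for net in ADMIN_NETS):
            alerts.append({"ts": when, "client": client, "path": path,
                           "reason": "mgmt-from-non-admin-net"})
        decoded = unquote_plus(path)
        if META_RE.search(decoded):
            alerts.append({"ts": when, "client": client, "path": decoded,
                           "reason": "shell-metachar-in-request"})
    return alerts


def scan_process_events(text: str) -> list:
    """Flag a shell or interpreter started under the web application's
    restricted user: the web UI has no reason to do that on its own."""
    alerts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev["user"] == WEBAPP_USER and ev["exe"] in INTERPRETERS:
            when = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
            alerts.append({"ts": when.replace(tzinfo=timezone.utc),
                           "parent": ev["parent_exe"], "argv": ev["argv"],
                           "reason": "interpreter-under-webapp-user"})
    return alerts


def correlate(http_alerts: list, proc_alerts: list, window_s: int = 30) -> list:
    """Pair each interpreter spawn with a suspicious request seen within the
    window: a high-confidence sign that the injected command actually ran."""
    pairs = []
    for p in proc_alerts:
        for h in http_alerts:
            if (h["reason"] == "shell-metachar-in-request"
                    and abs(p["ts"] - h["ts"]) <= timedelta(seconds=window_s)):
                pairs.append((h["client"], h["path"], p["argv"]))
    return pairs


# Constructed sample data.
ACCESS_LOG = """\
10.10.0.5 - - [18/Nov/2020:09:00:01 +0000] "GET /admin/dashboard HTTP/1.1" 200 1234
203.0.113.7 - - [18/Nov/2020:09:00:07 +0000] "GET /admin/dashboard HTTP/1.1" 200 1234
203.0.113.7 - - [18/Nov/2020:09:00:09 +0000] "GET /admin/tools?host=127.0.0.1%3Bid HTTP/1.1" 200 88
10.10.0.5 - - [18/Nov/2020:09:00:20 +0000] "POST /admin/tools HTTP/1.1" 200 88
192.0.2.9 - - [18/Nov/2020:09:00:25 +0000] "GET /index.html HTTP/1.1" 200 512
"""
PROCESS_EVENTS = """\
{"ts": "2020-11-18T09:00:09Z", "user": "dnaspaces", "parent_exe": "/usr/sbin/httpd", "exe": "/bin/sh", "argv": ["/bin/sh", "-c", "id"]}
{"ts": "2020-11-18T09:00:12Z", "user": "dnaspaces", "parent_exe": "/usr/sbin/httpd", "exe": "/usr/bin/ping", "argv": ["ping", "-c", "1", "127.0.0.1"]}
{"ts": "2020-11-18T09:05:00Z", "user": "root", "parent_exe": "/usr/sbin/cron", "exe": "/bin/sh", "argv": ["/bin/sh", "-c", "logrotate"]}
"""

if __name__ == "__main__":
    http = scan_access_log(ACCESS_LOG)
    procs = scan_process_events(PROCESS_EVENTS)
    for a in http + procs:
        print(a["reason"], a.get("client", a.get("parent")), a.get("path", a.get("argv")))
    print("correlated:", correlate(http, procs))
```

On the sample data the access-log scan raises three alerts (two for the management interface being reached from outside the admin network, one for the `;` in the decoded URL), the process scan raises one (`/bin/sh -c id` under the web application user; the `ping` spawned by the same user is not flagged, since legitimate appliance tooling may well fork such utilities), and the correlation step ties the shell spawn to the request that preceded it. The POST from the admin network produces nothing because its body is not in the access log, which is the caveat the first indicator carries.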
CVSS provenance
- NVD v3.1: 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- NVD v2.0: 10.0 CRITICAL, AV:N/AC:L/Au:N/C:C/I:C/A:C
- Vendor (Cisco): 9.4 CRITICAL
Cisco rates the issue 9.4, below NVD's 9.8; both agree on network-reachable, low-complexity, unauthenticated exploitation, and the slightly lower vendor score is consistent with the advisory's note that commands run as a restricted user rather than root.
Sources
- Cisco (vendor_cisco), 2020-11-18, CVSS 9.4, CRITICAL, CWE-78: "Cisco DNA Spaces Connector Command Injection Vulnerability". Text identical to the advisory description above.
- Cisco (vendor_cisco), CVSS 3.1: "CVE-2020-3586: Cisco DNA Spaces Connector Command Injection Vulnerability". Same text.
- GitHub Advisory Database, GHSA-wj9h-qr23-xmqh (ghsa_unreviewed), 2022-05-24, CRITICAL, CWE-78. Same text.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.