cbcvebase.
CVE-2020-3586
published 2020-11-18

CVE-2020-3586: A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary…

PriorityP268critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.45%
82.3th percentile
A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on the underling operating system with privileges of the web-based management application, which is running as a restricted user. This could result in changes being made to pages served by the web-based management application impacting the integrity or availability of the web-based management application.

Affected

3 ranges
VendorProductVersion rangeFixed in
ciscocisco_dna_spaces_connector
ciscodna_spaces<= 2.2
ciscodna_spaces_connector

Detection & IOCsextracted from sources · hover to see the quote

  • Detect crafted HTTP requests targeting the Cisco DNA Spaces Connector web-based management interface, which may indicate exploitation of the command injection vulnerability (CWE-78).
  • Monitor for unexpected OS command execution spawned from the Cisco DNA Spaces Connector web application process (restricted user context), which would indicate successful exploitation.
  • Monitor for unauthorized modifications to pages served by the Cisco DNA Spaces Connector web-based management application as a post-exploitation indicator.
  • ·The vulnerability is unauthenticated — no credentials are required to exploit it, meaning perimeter controls blocking unauthenticated access to the management interface are the primary mitigation until patching.
  • ·Cisco confirms there are no workarounds available; patching via the released software updates is the only remediation path.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco9.4CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.