CVE-2020-3400 – Cisco IOS XE Software Web UI Authorization Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3400
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web UI. A successful exploit could allow the attacker to utilize parts of the web UI for which they are not authorized. This could allow a Read-Only user to perform actions of an Admin user. Una vulnerabilidad en la funcionalidad de la Interfaz de Usuario web de Cisco IOS XE Software, podría permitir a un atacante remoto autenticado usar partes de la Interfaz de Usuario web para las que no está autorizado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-auth-bypass-6j2BYUc7 • CWE-862: Missing Authorization •
CVE-2020-3414 – Cisco IOS XE Software for Cisco 4461 Integrated Services Routers Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3414
A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IPv4 or IPv6 traffic to or through an affected device. An attacker could exploit this vulnerability by sending IP traffic to or through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en el procesamiento de paquetes de Cisco IOS XE Software para Cisco 4461 Integrated Services Routers, podría permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISR4461-gKKUROhx • CWE-19: Data Processing Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2020-3416 – Cisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3416
Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-rsp3-rce-jVHg8Z7c • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-749: Exposed Dangerous Method or Function •
CVE-2020-3417 – Cisco IOS XE Software Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3417
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xbace-OnCEbyS • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-3418 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability
https://notcve.org/view.php?id=CVE-2020-3418
A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list (ACL) being applied prior to RUN state. An attacker could exploit this vulnerability by connecting to the associated service set identifier (SSID) and sending ICMPv6 traffic. A successful exploit could allow the attacker to send ICMPv6 traffic prior to RUN state. Una vulnerabilidad en Cisco IOS XE Wireless Controller Software para Cisco Catalyst 9800 Series Routers, podría permitir a un atacante adyacente no autenticado enviar tráfico ICMPv6 antes de que el cliente sea ubicado en el estado RUN. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-icmpv6-qb9eYyCR • CWE-284: Improper Access Control •