CVE-2020-3220 – Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3220
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle. Una vulnerabilidad en el controlador criptográfico de hardware de Cisco IOS XE Software para Cisco 4300 Series Integrated Services Routers y Cisco Catalyst 9800-L Wireless Controllers, podría permitir a un atacante remoto no autenticado desconectar las sesiones legítimas de VPN IPsec en un dispositivo afectado. La vulnerabilidad es debido a una verificación insuficiente de la autenticidad de los paquetes de Encapsulating Security Payload (ESP) recibidos. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-vpn-dos-edOmW28Z • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2020-3219 – Cisco IOS XE Software Web UI Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device. Una vulnerabilidad en la Interfaz de Usuario web de Cisco IOS XE Software, podría permitir a un atacante remoto autenticado inyectar y ejecutar comandos arbitrarios con privilegios administrativos en el sistema operativo subyacente de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-web-cmdinj2-fOnjk2LD • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2020-3218 – Cisco IOS XE Software Web UI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3218
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by first creating a malicious file on the affected device itself and then uploading a second malicious file to the device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or bypass licensing requirements on the device. Una vulnerabilidad en la Interfaz de Usuario web de Cisco IOS XE Software, podría permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario con privilegios root en el shell de Linux subyacente. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-rce-uk8BXcUD • CWE-20: Improper Input Validation •
CVE-2020-3217 – Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3217
A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient length restrictions when the onePK Topology Discovery Service parses Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol message to an affected device. An exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges, or to cause a process crash, which could result in a reload of the device and cause a DoS condition. Una vulnerabilidad en el Topology Discovery Service de Cisco One Platform Kit (onePK) en Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario o causar una condición de denegación de servicio (DoS) sobre un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC • CWE-20: Improper Input Validation •
CVE-2020-3215 – Cisco IOS XE Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3215
A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device. Una vulnerabilidad en el Virtual Services Container de Cisco IOS XE Software, podría permitir a un atacante local autenticado conseguir privilegios de nivel root sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de un open virtual appliance (OVA) suministrado por el usuario. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc1-OKMKFRhV • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •