CVSS: 9.0EPSS: 0%CPEs: 83EXPL: 0CVE-2020-3229 – Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3229
A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user. Una vulnerabilidad en la funcionalidad Role Based Access Control (RBAC) de Cisco IOS XE Web Management Software, podría permitir a un atacante remoto autenticado Read-Only ejecutar comandos o cambios de configuración como usuario administrador. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2020-3227 – Cisco IOx for IOS XE Software Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3227
A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization. The vulnerability is due to incorrect handling of requests for authorization tokens. An attacker could exploit this vulnerability by using a crafted API call to request such a token. An exploit could allow the attacker to obtain an authorization token and execute any of the IOx API commands on an affected device. Una vulnerabilidad en los controles de autorización para la infraestructura de alojamiento de la aplicación Cisco IOx en Cisco IOS XE Software, podría permitir a un atacante remoto no autenticado ejecutar comandos de Cisco IOx API sin la autorización apropiada. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxPE-KgGvCAf9 • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •
CVSS: 7.1EPSS: 0%CPEs: 68EXPL: 0CVE-2020-3220 – Cisco IOS XE Software IPsec VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3220
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle. Una vulnerabilidad en el controlador criptográfico de hardware de Cisco IOS XE Software para Cisco 4300 Series Integrated Services Routers y Cisco Catalyst 9800-L Wireless Controllers, podría permitir a un atacante remoto no autenticado desconectar las sesiones legítimas de VPN IPsec en un dispositivo afectado. La vulnerabilidad es debido a una verificación insuficiente de la autenticidad de los paquetes de Encapsulating Security Payload (ESP) recibidos. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-vpn-dos-edOmW28Z • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.0EPSS: 0%CPEs: 92EXPL: 0CVE-2020-3219 – Cisco IOS XE Software Web UI Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2020-3219
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device. Una vulnerabilidad en la Interfaz de Usuario web de Cisco IOS XE Software, podría permitir a un atacante remoto autenticado inyectar y ejecutar comandos arbitrarios con privilegios administrativos en el sistema operativo subyacente de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-web-cmdinj2-fOnjk2LD • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 58EXPL: 0CVE-2020-3218 – Cisco IOS XE Software Web UI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3218
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by first creating a malicious file on the affected device itself and then uploading a second malicious file to the device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or bypass licensing requirements on the device. Una vulnerabilidad en la Interfaz de Usuario web de Cisco IOS XE Software, podría permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario con privilegios root en el shell de Linux subyacente. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-rce-uk8BXcUD • CWE-20: Improper Input Validation •