CVE-2020-3229 | ByteOS Network

Vulnerability Details :

CVE-2020-3229

Assigner-cisco

Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633

Published At-03 Jun, 2020 | 17:42

Updated At-15 Nov, 2024 | 17:14

Cisco IOS XE Software Web UI Privilege Escalation Vulnerability

A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user.

EPSS History

Score

Latest Score

-

N/A

Percentile

Latest Percentile

-

N/A

▼Common Vulnerabilities and Exposures (CVE)

Assigner:cisco

Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633

Published At:03 Jun, 2020 | 17:42

Updated At:15 Nov, 2024 | 17:14

▼CVE Numbering Authority (CNA)

Cisco IOS XE Software Web UI Privilege Escalation Vulnerability

A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user.

Affected Products

Vendor

Cisco Systems, Inc.

Product

Cisco IOS XE Software 16.2.2

Versions

Affected

n/a

Problem Types

Type	CWE ID	Description
CWE	CWE-264	CWE-264

Type: CWE

CWE ID: CWE-264

Description: CWE-264

Metrics

Version	Base score	Base severity	Vector
3.0	8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Version: 3.0

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

References

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG	vendor-advisory x_refsource_CISCO

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG

Resource:

vendor-advisory

x_refsource_CISCO

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG	vendor-advisory x_refsource_CISCO x_transferred

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG

Resource:

vendor-advisory

x_refsource_CISCO

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

Source:ykramarz@cisco.com

Published At:03 Jun, 2020 | 18:15

Updated At:09 Jun, 2020 | 18:59

A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.0	8.8	HIGH	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.0

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 9.0

Base severity: HIGH

Vector:

AV:N/AC:L/Au:S/C:C/I:C/A:C

CPE Matches

Cisco Systems, Inc.

>>ios_xe>>16.2.2

cpe:2.3:o:cisco:ios_xe:16.2.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.1

cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.1a

cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.2

cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.3

cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.4

cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.5

cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.5b

cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.6

cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.7

cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.8

cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.9

cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.3.10

cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.4.1

cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.4.2

cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.4.3

cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.5.1

cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.5.1a

cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.5.1b

cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.5.2

cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.5.3

cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.1

cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.2

cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.3

cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.4

cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.4a

cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.4s

cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.5

cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.5a

cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.5b

cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.6

cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.7

cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.7a

cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.6.8

cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.1

cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.1a

cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.1b

cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.2

cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.3

cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.7.4

cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1

cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1a

cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1b

cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1c

cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1d

cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1e

cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.1s

cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.2

cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.8.3

cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*

Cisco Systems, Inc.

>>ios_xe>>16.9.1

cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-863	Primary	nvd@nist.gov
CWE-264	Secondary	ykramarz@cisco.com

CWE ID: CWE-863

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-264

Type: Secondary

Source: ykramarz@cisco.com

References

Hyperlink	Source	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG	ykramarz@cisco.com	Patch Vendor Advisory

Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-PZgQxjfG

Source: ykramarz@cisco.com

Resource:

Patch

Vendor Advisory