Lucene search
CiscoCISCO-SA-PRIV-ESC2-A6JVRU7CHistoryJun 03, 2020 - 4:00 p.m.
Cisco IOS XE Software Privilege Escalation Vulnerability
2020-06-0316:00:00
tools.cisco.com
9
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges.
The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc2-A6jVRu7C [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc2-A6jVRu7C”]
Affected configurations
Node
ciscorvs4000_softwareMatch16.11
ORciscorvs4000_softwareMatch16.12
ORciscorvs4000_softwareMatch16.11.1
ORciscorvs4000_softwareMatch16.11.1a
ORciscorvs4000_softwareMatch16.11.1b
ORciscorvs4000_softwareMatch16.11.2
ORciscorvs4000_softwareMatch16.11.1s
ORciscorvs4000_softwareMatch16.11.1c
ORciscorvs4000_softwareMatch16.12.1
ORciscorvs4000_softwareMatch16.12.1s
ORciscorvs4000_softwareMatch16.12.1a
ORciscorvs4000_softwareMatch16.12.1c
ORciscorvs4000_softwareMatch16.12.1t
Related
cvelist
cvelist
CVE-2020-3214 Cisco IOS XE Software Privilege Escalation Vulnerability
2020-06-03 00:00:00
nvd
nvd
CVE-2020-3214
2020-06-03 18:15:19
nessus
nessus
Cisco IOS XE Software Privilege Escalation (cisco-sa-priv-esc2-A6jVRu7C)
2020-06-11 00:00:00
prion
prion
Input validation
2020-06-03 18:15:00
cve
cve
CVE-2020-3214
2020-06-03 18:15:19