CVE-2020-3417

🗓️ 24 Sep 2020 18:01:41Reported by ciscoType

A vulnerability in Cisco IOS XE Software allows authenticated local attacker to execute persistent code at boot tim

Reporter	Title	Published	Views	Family All 9
Cisco	Cisco IOS XE Software Arbitrary Code Execution Vulnerability	24 Sep 202016:00	–	cisco
Tenable Nessus	Cisco IOS XE Software Arbitrary Code Execution Vulnerability (cisco-sa-xbace-OnCEbyS)	2 Oct 202000:00	–	nessus
Cvelist	CVE-2020-3417 Cisco IOS XE Software Arbitrary Code Execution Vulnerability	24 Sep 202018:01	–	cvelist
EUVD	EUVD-2020-24688	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Cisco IOS and IOS XE	25 Sep 202000:00	–	ncsc
NVD	CVE-2020-3417	24 Sep 202018:15	–	nvd
Prion	Design/Logic Flaw	24 Sep 202018:15	–	prion
ThreatPost	Cisco Patch-Palooza Tackles 29 High-Severity Bugs	24 Sep 202020:21	–	threatpost
Vulnrichment	CVE-2020-3417 Cisco IOS XE Software Arbitrary Code Execution Vulnerability	24 Sep 202018:01	–	vulnrichment

NVD

Node

cisco ios_xeMatch3.18.0sp

cisco ios_xeMatch3.18.1asp

cisco ios_xeMatch3.18.1bsp

cisco ios_xeMatch3.18.1csp

cisco ios_xeMatch3.18.1gsp

cisco ios_xeMatch3.18.1hsp

cisco ios_xeMatch3.18.1isp

cisco ios_xeMatch3.18.1sp

cisco ios_xeMatch3.18.2asp

cisco ios_xeMatch3.18.2sp

cisco ios_xeMatch3.18.3asp

cisco ios_xeMatch3.18.3bsp

cisco ios_xeMatch3.18.3sp

cisco ios_xeMatch3.18.4sp

cisco ios_xeMatch3.18.5sp

cisco ios_xeMatch3.18.6sp

cisco ios_xeMatch3.18.7sp

cisco ios_xeMatch3.18.8asp

cisco ios_xeMatch3.18.8sp

cisco ios_xeMatch16.6.1

cisco ios_xeMatch16.6.2

cisco ios_xeMatch16.6.3

cisco ios_xeMatch16.6.4

cisco ios_xeMatch16.6.4a

cisco ios_xeMatch16.6.4s

cisco ios_xeMatch16.6.5

cisco ios_xeMatch16.6.5a

cisco ios_xeMatch16.6.5b

cisco ios_xeMatch16.6.6

cisco ios_xeMatch16.6.7

cisco ios_xeMatch16.6.7a

cisco ios_xeMatch16.7.1

cisco ios_xeMatch16.7.1a

cisco ios_xeMatch16.7.1b

cisco ios_xeMatch16.7.2

cisco ios_xeMatch16.7.3

cisco ios_xeMatch16.7.4

cisco ios_xeMatch16.8.1

cisco ios_xeMatch16.8.1a

cisco ios_xeMatch16.8.1b

cisco ios_xeMatch16.8.1c

cisco ios_xeMatch16.8.1d

cisco ios_xeMatch16.8.1e

cisco ios_xeMatch16.8.1s

cisco ios_xeMatch16.8.2

cisco ios_xeMatch16.8.3

cisco ios_xeMatch16.9.1

cisco ios_xeMatch16.9.1a

cisco ios_xeMatch16.9.1b

cisco ios_xeMatch16.9.1c

cisco ios_xeMatch16.9.1d

cisco ios_xeMatch16.9.1s

cisco ios_xeMatch16.9.2

cisco ios_xeMatch16.9.2a

cisco ios_xeMatch16.9.2s

cisco ios_xeMatch16.9.3

cisco ios_xeMatch16.9.3a

cisco ios_xeMatch16.9.3h

cisco ios_xeMatch16.9.3s

cisco ios_xeMatch16.9.4

cisco ios_xeMatch16.9.4c

cisco ios_xeMatch16.9.5

cisco ios_xeMatch16.9.5f

cisco ios_xeMatch16.10.1

cisco ios_xeMatch16.10.1a

cisco ios_xeMatch16.10.1b

cisco ios_xeMatch16.10.1c

cisco ios_xeMatch16.10.1d

cisco ios_xeMatch16.10.1e

cisco ios_xeMatch16.10.1f

cisco ios_xeMatch16.10.1g

cisco ios_xeMatch16.10.1s

cisco ios_xeMatch16.10.2

cisco ios_xeMatch16.10.3

cisco ios_xeMatch16.11.1

cisco ios_xeMatch16.11.1a

cisco ios_xeMatch16.11.1b

cisco ios_xeMatch16.11.1c

cisco ios_xeMatch16.11.1s

cisco ios_xeMatch16.11.2

cisco ios_xeMatch16.12.1

cisco ios_xeMatch16.12.1a

cisco ios_xeMatch16.12.1c

cisco ios_xeMatch16.12.1s

cisco ios_xeMatch16.12.1t

cisco ios_xeMatch16.12.1w

cisco ios_xeMatch16.12.1x

cisco ios_xeMatch16.12.1y

cisco ios_xeMatch16.12.2

cisco ios_xeMatch16.12.2a

cisco ios_xeMatch16.12.2s

cisco ios_xeMatch16.12.2t

cisco ios_xeMatch16.12.3

cisco ios_xeMatch16.12.3a

cisco ios_xeMatch17.1.1

cisco ios_xeMatch17.1.1a

cisco ios_xeMatch17.1.1s

cisco ios_xeMatch17.1.1t

[
  {
    "product": "Cisco IOS XE Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xbace-OnCEbyS

21 Nov 2024 05:31Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.7 - 6.8

CVSS 27.2

EPSS0.00084

SSVC

CWE-78

cisco ios xe vulnerability authenticated local attacker code execution boot time chain of trust rom monitor rommon nvd