Lucene search

K
cve[email protected]CVE-2020-3423
HistorySep 24, 2020 - 6:15 p.m.

CVE-2020-3423

2020-09-2418:15:19
CWE-119
web.nvd.nist.gov
31
2
cisco
ios xe
vulnerability
lua
arbitrary code execution
buffer overflow
nvd

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device. The vulnerability is due to insufficient restrictions on Lua function calls within the context of user-supplied Lua scripts. An attacker with valid administrative credentials could exploit this vulnerability by submitting a malicious Lua script. When this file is processed, an exploitable buffer overflow condition could occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux OS of the affected device.

Affected configurations

NVD
Node
ciscoios_xeMatch-
AND
cisco1100_integrated_services_routerMatch-
OR
cisco1101_integrated_services_routerMatch-
OR
cisco1109_integrated_services_routerMatch-
OR
cisco1111x_integrated_services_routerMatch-
OR
cisco111x_integrated_services_routerMatch-
OR
cisco1120_integrated_services_routerMatch-
OR
cisco1160_integrated_services_routerMatch-
OR
cisco4221_integrated_services_routerMatch-
OR
cisco4321_integrated_services_routerMatch-
OR
cisco4331_integrated_services_routerMatch-
OR
cisco4351_integrated_services_routerMatch-
OR
cisco4431_integrated_services_routerMatch-
OR
cisco4451-x_integrated_services_routerMatch-
OR
cisco4461_integrated_services_routerMatch-
OR
ciscoasr_1001-hxMatch-
OR
ciscoasr_1001-xMatch-
OR
ciscoasr_1002-hxMatch-
OR
ciscoasr_1002-xMatch-
OR
ciscoasr_1004Match-
OR
ciscoasr_1006Match-
OR
ciscoasr_1006-xMatch-
OR
ciscoasr_1009-xMatch-
OR
ciscoasr_1013Match-
OR
ciscocbr-8_converged_broadband_routerMatch-
OR
ciscocloud_services_router_1000vMatch-
CPENameOperatorVersion
cisco:ios_xecisco ios xeeq-

CNA Affected

[
  {
    "product": "Cisco IOS XE Software 3.7.0S",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Social References

More

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2020-3423