Lucene search

K
cve[email protected]CVE-2020-3451
HistorySep 04, 2020 - 3:15 a.m.

CVE-2020-3451

2020-09-0403:15:10
CWE-119
CWE-20
web.nvd.nist.gov
33
3
cisco
small business
rv340
routers
vulnerabilities
web-based management interface
cve-2020-3451
nvd
security advisory
remote attacker
arbitrary commands
os
administrative credentials

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

5.4 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.3%

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

NVD
Node
ciscorv340w_firmwareRange<1.0.03.19
AND
ciscorv340wMatch-
Node
ciscorv340_firmwareRange<1.0.03.19
AND
ciscorv340Match-
Node
ciscorv345_firmwareRange<1.0.03.19
AND
ciscorv345Match-
Node
ciscorv345p_firmwareRange<1.0.03.19
AND
ciscorv345pMatch-

CNA Affected

[
  {
    "product": "Cisco Small Business RV Series Router Firmware ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Social References

More

4.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

5.4 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

80.3%

Related for CVE-2020-3451