Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability
CVE-2020-3166
4.2MEDIUM
Summary
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to a specific CLI command. A successful exploit could allow the attacker to read or write to arbitrary files on the underlying OS.
Affected Version(s)
Cisco Firepower Extensible Operating System (FXOS) < unspecified
References
CVSS V3.1
Score:
4.2
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved