cve-2020-3198
Vulnerability from cvelistv5
Published
2020-06-03 17:45
Modified
2024-11-15 17:13
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS 12.2(60)EZ16 |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:24:00.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3198",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:19:40.567795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:13:29.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS 12.2(60)EZ16",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T17:45:13",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH"
}
],
"source": {
"advisory": "cisco-sa-ios-iot-rce-xYRSeMNH",
"defect": [
[
"CSCvr12083",
"CSCvr46885"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-06-03T16:00:00",
"ID": "CVE-2020-3198",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS 12.2(60)EZ16",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "9.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH"
}
]
},
"source": {
"advisory": "cisco-sa-ios-iot-rce-xYRSeMNH",
"defect": [
[
"CSCvr12083",
"CSCvr46885"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3198",
"datePublished": "2020-06-03T17:45:13.516630Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:13:29.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(60\\\\)ez16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2950C7F-EEB9-4956-937D-CD978AAC2E44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)sg11a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAAC6B58-6FC4-459B-9663-4FDC6A6F8DE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jaa1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAE1AD0D-C3E9-488C-89CB-F2342CF6D5A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jpj:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F69B4F2-4A03-4383-8958-11EE154A7350\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(1\\\\)cg:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D962FBA3-CE59-401B-9451-45001775BA66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(2\\\\)cg:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA8E0069-21AB-497F-9F4C-6F7C041BA0E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C85BAAF-819B-40E7-9099-04AA8D9AB114\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED684DB4-527A-4268-B197-4719B0178429\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88F41406-0F55-4D74-A4F6-4ABD5A803907\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7082C083-7517-4CD4-BF95-CC7AF08D4053\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"370EF3DC-151F-4724-A026-3AD8ED6D801C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B8FB86F-2A89-413B-BED7-97E3D392804E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"005EAD76-34BE-4E3F-8840-23F613661FE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m6a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2595B3E3-7FD4-4EFF-98A2-89156A657A0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB998A1F-BAEA-4B8F-BE49-1C282ED3952E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AABDAB3-6329-48CF-BB49-DA2046AB9048\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C96E41FF-DD4B-4D55-8C96-248C9A15226B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64F7ACB5-4FE5-4B07-8B4D-28DF8D655199\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59F21FEC-A536-45CB-9AE5-61CE45EAD1B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6994F100-864F-4512-9141-F7D1050F9DD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC0CC364-FF3A-4FB3-8004-6628400BC7DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67A1BC08-28AF-4583-BE21-0D85CA2D7B6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A4E00DF-60FD-48F2-A69A-D709A5657F6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F5D3761-16C8-413A-89AD-C076B9B92FF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F690BEC9-FAE9-4C02-9993-34BF14FA99EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BEA314F-8C89-4D6C-A6B6-3E9247A35B7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0B8565B-3EE6-48DC-AE92-9F16AFFC509C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"716EC9AA-0569-4FA7-A244-1A14FA15C5AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39166A66-859D-43A7-9947-3F3C32FBFAAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"097D1950-6159-45A2-8653-D3F90044D0C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F421AC3C-B0BC-4177-ACDB-87792C1636EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m2a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA965B88-3464-4320-B9C4-594C49C9C0F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09CD336D-1110-4B0C-B8D4-7C96293CBADE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47C580D9-A2EC-4CBB-87F5-1F5CBA23F73F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m4a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C427BA8-3A8C-4934-997B-6DDF9CEB96AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7809674-4738-463E-B522-FC6C419E2A09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFD51F00-C219-439F-918E-9AF20A6E053A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m6a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57BCB671-7ED0-43D5-894F-8B3DBF44E68E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4802BC7-F326-4F6E-9C74-04032FF35FEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEDE3BCF-B518-47B0-BD3B-0B75515771E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A5C9BF5-0C29-4B50-9A86-29F0ECD44F1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1B0621A-D7A2-415B-91ED-674F2FB4227B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D9D7FDD-8CE6-4E83-A186-734BC5546E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E25B3DC-B9A7-4DFC-8566-3F790F460DDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"679DCA8C-F64B-4716-BCC9-9C461A89CB29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF662E36-0831-4892-850F-844B0E0B54DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E71F49D-E405-4AB4-9188-DA7B338DFD7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"204B0A52-F6AB-406B-B46D-E92F2D7D87F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09578DDF-5D13-47C1-9BD1-A1A8B9B0C87D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BBF8B70-DFBE-4F6E-83F0-171F03E97606\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA55D660-66C6-4278-8C27-25DB2712CC1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5609B342-D98E-4850-A0FE-810699A80A1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8320F23D-F6BE-405B-B645-1CEB984E8267\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7C5C705-6A8C-4834-9D24-CFE26A232C15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m1b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC270E40-CABA-44B4-B4DD-E9C47A97770B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC1DB8C1-7F7D-4562-A317-87E925CAD524\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB2645F-C3BF-458F-9D07-6D66E1953730\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m3a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"686FD45C-7722-4D98-A6D7-C36CAC56A4AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"871E33AC-B469-47BA-9317-DC9E3E9BF5C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4091CAC-BFAA-404C-A827-4DA9EADDF621\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0DA9FCA-4166-4084-96AF-E82CC4A4DB25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"369A99E0-3451-41D1-8C56-5352EA689950\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33D4A7FA-E4E0-49C2-97FD-A547A1612F75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C8A00BF-4522-467B-A96E-5C33623DCA2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47C106CF-CBD3-4630-8E77-EDB1643F97E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1DB7943-5CE1-44F6-B093-5EA65BF71A59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64404B00-4956-47B8-ACDB-88E365E97212\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FE6A696-5CBC-4552-A54E-55C21BC74D7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41237041-1D82-4C6C-BF48-ECEDF9DB08C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAB72CA3-088E-4EFE-BE1C-190C64101851\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA584AC4-96AB-4026-84DF-F44F3B97F7E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A58C01B-459E-432F-A49F-68EC45EE6E14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56AD5BA0-4D08-4A92-88BE-60AF29BC35CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"198FF520-7631-49D9-B8A8-2E64F6237CC0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m2a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94E067E8-552B-4691-9F6A-C5E8766287BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C4162EC-90DE-4194-8ABC-55CCB8C24FF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"405CC56E-574F-4983-B492-C8811FAF06E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1829074-66F9-4B3B-A084-B88D838CFC44\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.9\\\\(3\\\\)m:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:15.9\\\\(3\\\\)m0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0807458A-2453-4575-AE19-0DE15E04B88C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2D64BDE-0D00-4FBE-873B-F5D52AD0C5A2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1240:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0502FCFE-B123-422C-AC43-05260B4E952C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:809:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D5AB946-818F-44CF-864E-F24ACC999A2D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:829:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0606E8E-0E89-4DE9-8389-60D9DDAC30B8\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades en Cisco IOS Software para Cisco 809 y 829 Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podr\\u00edan permitir a un atacante remoto no autenticado o a un atacante local autenticado ejecutar c\\u00f3digo arbitrario en un sistema afectado o causar que un sistema afectado se bloquee y se vuelva a cargar. Para mayor informaci\\u00f3n sobre estas vulnerabilidades, ver la secci\\u00f3n de Detalles de este aviso.\"}]",
"id": "CVE-2020-3198",
"lastModified": "2024-11-21T05:30:31.917",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-06-03T18:15:16.917",
"references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-3198\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2020-06-03T18:15:16.917\",\"lastModified\":\"2024-11-21T05:30:31.917\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades en Cisco IOS Software para Cisco 809 y 829 Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podr\u00edan permitir a un atacante remoto no autenticado o a un atacante local autenticado ejecutar c\u00f3digo arbitrario en un sistema afectado o causar que un sistema afectado se bloquee y se vuelva a cargar. Para mayor informaci\u00f3n sobre estas vulnerabilidades, ver la secci\u00f3n de Detalles de este aviso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(60\\\\)ez16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2950C7F-EEB9-4956-937D-CD978AAC2E44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.0\\\\(2\\\\)sg11a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAAC6B58-6FC4-459B-9663-4FDC6A6F8DE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jaa1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAE1AD0D-C3E9-488C-89CB-F2342CF6D5A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.3\\\\(3\\\\)jpj:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F69B4F2-4A03-4383-8958-11EE154A7350\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(1\\\\)cg:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D962FBA3-CE59-401B-9451-45001775BA66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(2\\\\)cg:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA8E0069-21AB-497F-9F4C-6F7C041BA0E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C85BAAF-819B-40E7-9099-04AA8D9AB114\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED684DB4-527A-4268-B197-4719B0178429\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F41406-0F55-4D74-A4F6-4ABD5A803907\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7082C083-7517-4CD4-BF95-CC7AF08D4053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"370EF3DC-151F-4724-A026-3AD8ED6D801C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B8FB86F-2A89-413B-BED7-97E3D392804E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"005EAD76-34BE-4E3F-8840-23F613661FE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2595B3E3-7FD4-4EFF-98A2-89156A657A0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB998A1F-BAEA-4B8F-BE49-1C282ED3952E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AABDAB3-6329-48CF-BB49-DA2046AB9048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C96E41FF-DD4B-4D55-8C96-248C9A15226B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.4\\\\(3\\\\)m10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F7ACB5-4FE5-4B07-8B4D-28DF8D655199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59F21FEC-A536-45CB-9AE5-61CE45EAD1B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6994F100-864F-4512-9141-F7D1050F9DD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC0CC364-FF3A-4FB3-8004-6628400BC7DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(1\\\\)t4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67A1BC08-28AF-4583-BE21-0D85CA2D7B6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A4E00DF-60FD-48F2-A69A-D709A5657F6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F5D3761-16C8-413A-89AD-C076B9B92FF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F690BEC9-FAE9-4C02-9993-34BF14FA99EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BEA314F-8C89-4D6C-A6B6-3E9247A35B7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(2\\\\)t4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0B8565B-3EE6-48DC-AE92-9F16AFFC509C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"716EC9AA-0569-4FA7-A244-1A14FA15C5AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39166A66-859D-43A7-9947-3F3C32FBFAAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"097D1950-6159-45A2-8653-D3F90044D0C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F421AC3C-B0BC-4177-ACDB-87792C1636EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA965B88-3464-4320-B9C4-594C49C9C0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09CD336D-1110-4B0C-B8D4-7C96293CBADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C580D9-A2EC-4CBB-87F5-1F5CBA23F73F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C427BA8-3A8C-4934-997B-6DDF9CEB96AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7809674-4738-463E-B522-FC6C419E2A09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFD51F00-C219-439F-918E-9AF20A6E053A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57BCB671-7ED0-43D5-894F-8B3DBF44E68E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4802BC7-F326-4F6E-9C74-04032FF35FEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDE3BCF-B518-47B0-BD3B-0B75515771E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A5C9BF5-0C29-4B50-9A86-29F0ECD44F1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1B0621A-D7A2-415B-91ED-674F2FB4227B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.5\\\\(3\\\\)m11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D9D7FDD-8CE6-4E83-A186-734BC5546E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E25B3DC-B9A7-4DFC-8566-3F790F460DDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"679DCA8C-F64B-4716-BCC9-9C461A89CB29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF662E36-0831-4892-850F-844B0E0B54DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E71F49D-E405-4AB4-9188-DA7B338DFD7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(1\\\\)t3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"204B0A52-F6AB-406B-B46D-E92F2D7D87F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09578DDF-5D13-47C1-9BD1-A1A8B9B0C87D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BBF8B70-DFBE-4F6E-83F0-171F03E97606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA55D660-66C6-4278-8C27-25DB2712CC1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(2\\\\)t3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5609B342-D98E-4850-A0FE-810699A80A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8320F23D-F6BE-405B-B645-1CEB984E8267\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7C5C705-6A8C-4834-9D24-CFE26A232C15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC270E40-CABA-44B4-B4DD-E9C47A97770B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC1DB8C1-7F7D-4562-A317-87E925CAD524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB2645F-C3BF-458F-9D07-6D66E1953730\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"686FD45C-7722-4D98-A6D7-C36CAC56A4AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"871E33AC-B469-47BA-9317-DC9E3E9BF5C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4091CAC-BFAA-404C-A827-4DA9EADDF621\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0DA9FCA-4166-4084-96AF-E82CC4A4DB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m6b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"369A99E0-3451-41D1-8C56-5352EA689950\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.6\\\\(3\\\\)m7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33D4A7FA-E4E0-49C2-97FD-A547A1612F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8A00BF-4522-467B-A96E-5C33623DCA2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C106CF-CBD3-4630-8E77-EDB1643F97E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1DB7943-5CE1-44F6-B093-5EA65BF71A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64404B00-4956-47B8-ACDB-88E365E97212\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FE6A696-5CBC-4552-A54E-55C21BC74D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41237041-1D82-4C6C-BF48-ECEDF9DB08C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m4b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAB72CA3-088E-4EFE-BE1C-190C64101851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.7\\\\(3\\\\)m5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA584AC4-96AB-4026-84DF-F44F3B97F7E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A58C01B-459E-432F-A49F-68EC45EE6E14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56AD5BA0-4D08-4A92-88BE-60AF29BC35CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"198FF520-7631-49D9-B8A8-2E64F6237CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E067E8-552B-4691-9F6A-C5E8766287BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C4162EC-90DE-4194-8ABC-55CCB8C24FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"405CC56E-574F-4983-B492-C8811FAF06E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.8\\\\(3\\\\)m3b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1829074-66F9-4B3B-A084-B88D838CFC44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.9\\\\(3\\\\)m:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:15.9\\\\(3\\\\)m0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0807458A-2453-4575-AE19-0DE15E04B88C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2D64BDE-0D00-4FBE-873B-F5D52AD0C5A2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0502FCFE-B123-422C-AC43-05260B4E952C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:809:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D5AB946-818F-44CF-864E-F24ACC999A2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:829:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0606E8E-0E89-4DE9-8389-60D9DDAC30B8\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\", \"name\": \"20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:24:00.909Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3198\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-15T16:19:40.567795Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T16:20:08.851Z\"}}], \"cna\": {\"title\": \"Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities\", \"source\": {\"defect\": [[\"CSCvr12083\", \"CSCvr46885\"]], \"advisory\": \"cisco-sa-ios-iot-rce-xYRSeMNH\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS 12.2(60)EZ16\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"datePublic\": \"2020-06-03T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\", \"name\": \"20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-06-03T17:45:13\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"9.8\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, \"source\": {\"defect\": [[\"CSCvr12083\", \"CSCvr46885\"]], \"advisory\": \"cisco-sa-ios-iot-rce-xYRSeMNH\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco IOS 12.2(60)EZ16\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-rce-xYRSeMNH\", \"name\": \"20200603 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-119\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3198\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-06-03T16:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2020-3198\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T17:13:29.986Z\", \"dateReserved\": \"2019-12-12T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-06-03T17:45:13.516630Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.