CVE-2020-3474 (GCVE-0-2020-3474)

Vulnerability from cvelistv5 – Published: 2020-09-24 17:53 – Updated: 2024-11-13 17:57
VLAI
Title
Cisco IOS XE Software Web Management Framework Vulnerabilities
Summary
Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Severity
4.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
Impacted products
Date Public
2020-09-24 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3474",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:23:15.666565Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:57:33.266Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software 16.1.1",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-09-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T17:53:03.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr",
        "defect": [
          [
            "CSCvs40364",
            "CSCvs40405"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software Web Management  Framework Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-09-24T16:00:00",
          "ID": "CVE-2020-3474",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software Web Management  Framework Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software 16.1.1",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "4.3",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ios-xe-webui-multi-vfTkk7yr",
          "defect": [
            [
              "CSCvs40364",
              "CSCvs40405"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3474",
    "datePublished": "2020-09-24T17:53:03.262Z",
    "dateReserved": "2019-12-12T00:00:00.000Z",
    "dateUpdated": "2024-11-13T17:57:33.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-3474",
      "date": "2026-06-18",
      "epss": "0.009",
      "percentile": "0.54964"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7D95E8A-8F0B-44E5-B266-09E10BAAEC55\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1952B64C-4AE0-4CCB-86C5-8D1FF6A12822\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EB8A757-7888-4AC2-BE44-B89DB83C6C77\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B80890A8-E3D3-462C-B125-9E9BC6525B02\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0547E196-5991-4C33-823A-342542E9DFD3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"802CBFC1-8A2F-4BF7-A1D3-00622C33BE16\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D916389F-54DB-44CB-91DD-7CE3C7059350\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7594E307-AC80-41EC-AE94-07E664A7D701\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09C913FF-63D5-43FB-8B39-598EF436BA5A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD2794BD-C8CE-46EF-9857-1723FCF04E46\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"444F688F-79D0-4F22-B530-7BD520080B8F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55DD2272-10C2-43B9-9F13-6DC41DBE179B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7428E0A8-1641-47FB-9CA9-34311DEF660D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE7401B7-094C-46EB-9869-2F0372E8B26B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"854D9594-FE84-4E7B-BA21-A3287F2DC302\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B9ED0E5-CB20-4106-9CF2-8EB587B33543\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B0E620C-8E09-4F7C-A326-26013173B993\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF93F1C8-669F-4ECB-8D81-ECDA7B550175\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E0BA345-B7D7-4975-9199-4DC7875BBFD0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA0BC769-C244-41BD-BE80-E67F4E1CDDA4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7E00A0B-A58E-472F-B107-0FE106751F2D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCB45406-5216-4A11-B8D3-C44639DC26B0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"215D01AE-3767-482A-85C5-3361506F0AC3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A06E37A8-166F-4534-9089-D20B1227F4DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"327167E8-4B65-4F9D-8760-34CDA03887CA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0DA2253-C6A9-4749-B313-6552628A96F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C925086A-94B9-4FE0-9FEB-3242C1217453\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EB14B34-4035-41D2-834B-7FB069264207\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A46D298-1685-410E-879C-2EBC45C185AC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"196A7C06-8371-479D-973D-591DEB181739\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE42511E-9883-4779-A8E5-FC3E16EF2793\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB06AD21-91A7-46B8-8F44-683828A5422D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92134C0A-4E5B-43EF-8439-484DF504C43C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26ECF9BD-F632-4A02-8993-C0D44B91289C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3A88142-3284-4C25-8774-36004B5F9087\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8EB76311-4B6D-4897-A683-4244E92BD570\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71FA2F5A-6146-4142-96A8-552118E4BB67\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CFB064E-E390-47B5-AA76-5D3D2E368055\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-12x48uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75310844-0DEA-4F0B-B9DB-AA55AA3EED17\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-12x48ur:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28D2AC87-9D6C-4E49-8923-F6B5C73B18F6\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-12x48uz:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A51E5D-501F-4EDE-8566-A6C217D4C7C3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-24pd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFB1635F-48C9-47A4-8284-953DFA0B1C89\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-24pdm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE619CD8-98F9-4CAC-BFB7-EB4DD84040B9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-24ps:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE323F9B-C767-4B8E-82C2-1387F29444BC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-24td:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5124B311-935A-4267-B360-08C8F0BE8691\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-24ts:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E92A4C9B-B5AA-4112-9136-D6E187057BE7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48fd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E328765-1E27-4E50-9DE0-556D4A349151\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48fq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8528780-0254-4D21-8172-71BD01988608\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48fqm:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97203BEC-044F-4263-A4EA-536486BBEC6A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48fs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3AAB4D4-6986-4055-B68D-AA9E306DA5BD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48pd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F821C98D-B8E3-44A9-8534-ACBDD4BEB5F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48pq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"733850D4-DD9D-40B8-BB7F-FF9C26818FAC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48ps:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"276373D2-CB95-43F8-A4C4-5A0E1B0046F7\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48td:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77599A2E-3149-4C7B-90A2-C95E4FAAC3E1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48tq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A14F739-1643-4425-8C9E-4A7FB831F4B8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-48ts:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E1D0F90-14C7-404F-9F75-9D9937E489D9\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3650-8x24uq:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCE19812-3A07-4561-BB1A-0B43C11F5FA3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA292FB5-7589-4E22-8AE1-CEE4E987CD9E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-12s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C0BCC2C-20D6-40EB-9334-C83FC5F69A93\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-12x48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F3EC00D-ACEA-49DE-A7A8-42CCA6569D2A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-12xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1341B21E-49E9-4219-B1B0-592B180D5D09\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EAF61B9-CE12-40E9-9DCE-D3411E74BBB3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24s:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1DB530A-74B9-43DA-B8E8-A761E6A159F1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B8C8EA0-7767-4CC1-88BE-B678FAFD96C2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56929D47-3994-4008-87DA-F64AAB7EB12D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C0CE864-1B46-4040-87F3-3CFE3517422C\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-24xu:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7EFF383-6194-41C0-A6FE-DBF17D43EDDD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-48f:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA9254CA-6616-4743-B146-A120D97350A2\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-48p:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D75A217-8CDF-40B5-BB48-D018FFC6BCBA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-48t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C1CD87D-3AAA-4474-8C90-26552FF5C90B\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-48u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9AE2EAFB-83D9-4517-9B17-3A6D3D846D9F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:ws-c3850-48xs:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"819E8E03-F31D-47BF-9725-6F352924F002\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades en el framework de administraci\\u00f3n web de Cisco IOS XE Software, podr\\u00edan permitir a un atacante remoto autenticado con privilegios de solo lectura conseguir acceso de lectura no autorizado a datos confidenciales o causar que el software de administraci\\u00f3n web se cuelgue o bloquee, resultando en una  condici\\u00f3n de denegaci\\u00f3n de servicio (DoS).\u0026#xa0;Para m\\u00e1s informaci\\u00f3n sobre estas vulnerabilidades, consulte la secci\\u00f3n Detalles de este aviso.\"}]",
      "id": "CVE-2020-3474",
      "lastModified": "2024-11-21T05:31:08.583",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:P\", \"baseScore\": 5.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-09-24T18:15:19.637",
      "references": "[{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-3474\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2020-09-24T18:15:19.637\",\"lastModified\":\"2024-11-21T05:31:08.583\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades en el framework de administraci\u00f3n web de Cisco IOS XE Software, podr\u00edan permitir a un atacante remoto autenticado con privilegios de solo lectura conseguir acceso de lectura no autorizado a datos confidenciales o causar que el software de administraci\u00f3n web se cuelgue o bloquee, resultando en una  condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:P\",\"baseScore\":5.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7D95E8A-8F0B-44E5-B266-09E10BAAEC55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1952B64C-4AE0-4CCB-86C5-8D1FF6A12822\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EB8A757-7888-4AC2-BE44-B89DB83C6C77\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80890A8-E3D3-462C-B125-9E9BC6525B02\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0547E196-5991-4C33-823A-342542E9DFD3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"802CBFC1-8A2F-4BF7-A1D3-00622C33BE16\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D916389F-54DB-44CB-91DD-7CE3C7059350\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7594E307-AC80-41EC-AE94-07E664A7D701\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C913FF-63D5-43FB-8B39-598EF436BA5A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD2794BD-C8CE-46EF-9857-1723FCF04E46\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444F688F-79D0-4F22-B530-7BD520080B8F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55DD2272-10C2-43B9-9F13-6DC41DBE179B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7428E0A8-1641-47FB-9CA9-34311DEF660D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7401B7-094C-46EB-9869-2F0372E8B26B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"854D9594-FE84-4E7B-BA21-A3287F2DC302\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9ED0E5-CB20-4106-9CF2-8EB587B33543\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0E620C-8E09-4F7C-A326-26013173B993\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF93F1C8-669F-4ECB-8D81-ECDA7B550175\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E0BA345-B7D7-4975-9199-4DC7875BBFD0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA0BC769-C244-41BD-BE80-E67F4E1CDDA4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18736C74-F68F-4D0B-AE2B-4BC1834EF794\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D223C2AB-22A4-42B5-8BBB-78E2CBF23B40\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD3EAA2-8F25-4099-B76F-5ACC3BE34610\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE9BD57F-BDAC-46DD-AF87-8914B29670F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E00A0B-A58E-472F-B107-0FE106751F2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB45406-5216-4A11-B8D3-C44639DC26B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"215D01AE-3767-482A-85C5-3361506F0AC3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A06E37A8-166F-4534-9089-D20B1227F4DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9D6DAE3-BAD0-46D8-B899-45B955F532F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"327167E8-4B65-4F9D-8760-34CDA03887CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0DA2253-C6A9-4749-B313-6552628A96F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C925086A-94B9-4FE0-9FEB-3242C1217453\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EB14B34-4035-41D2-834B-7FB069264207\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A46D298-1685-410E-879C-2EBC45C185AC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"196A7C06-8371-479D-973D-591DEB181739\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE42511E-9883-4779-A8E5-FC3E16EF2793\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB06AD21-91A7-46B8-8F44-683828A5422D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA169AF-3743-4051-B63B-FF6E1ADCD886\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D13CF5B-4482-4C7D-8D6A-E220F3E4F868\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92134C0A-4E5B-43EF-8439-484DF504C43C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26ECF9BD-F632-4A02-8993-C0D44B91289C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48730DB5-94AF-4BE7-8047-52B8B47CE35A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3A88142-3284-4C25-8774-36004B5F9087\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB76311-4B6D-4897-A683-4244E92BD570\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDA2975-CDB7-4182-A03E-D34F15CDF6F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35B9D0B5-4BE1-490E-9A68-00A3D357BC3D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71FA2F5A-6146-4142-96A8-552118E4BB67\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF786D6-F28F-49D8-A15C-BFD0AA934355\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2E41E2-00CE-42C4-8C91-9307D76F5D7A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98CB2D23-B5F8-4FA9-8431-3B0124CE2140\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53D13F1D-345D-45D5-9000-DAFE8A85D71B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CFB064E-E390-47B5-AA76-5D3D2E368055\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-12x48uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75310844-0DEA-4F0B-B9DB-AA55AA3EED17\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-12x48ur:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D2AC87-9D6C-4E49-8923-F6B5C73B18F6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-12x48uz:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A51E5D-501F-4EDE-8566-A6C217D4C7C3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-24pd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFB1635F-48C9-47A4-8284-953DFA0B1C89\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-24pdm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE619CD8-98F9-4CAC-BFB7-EB4DD84040B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-24ps:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE323F9B-C767-4B8E-82C2-1387F29444BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-24td:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5124B311-935A-4267-B360-08C8F0BE8691\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-24ts:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E92A4C9B-B5AA-4112-9136-D6E187057BE7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48fd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E328765-1E27-4E50-9DE0-556D4A349151\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48fq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8528780-0254-4D21-8172-71BD01988608\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48fqm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97203BEC-044F-4263-A4EA-536486BBEC6A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48fs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3AAB4D4-6986-4055-B68D-AA9E306DA5BD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48pd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F821C98D-B8E3-44A9-8534-ACBDD4BEB5F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48pq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"733850D4-DD9D-40B8-BB7F-FF9C26818FAC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48ps:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"276373D2-CB95-43F8-A4C4-5A0E1B0046F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48td:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77599A2E-3149-4C7B-90A2-C95E4FAAC3E1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48tq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A14F739-1643-4425-8C9E-4A7FB831F4B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-48ts:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E1D0F90-14C7-404F-9F75-9D9937E489D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3650-8x24uq:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE19812-3A07-4561-BB1A-0B43C11F5FA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA292FB5-7589-4E22-8AE1-CEE4E987CD9E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-12s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C0BCC2C-20D6-40EB-9334-C83FC5F69A93\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-12x48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F3EC00D-ACEA-49DE-A7A8-42CCA6569D2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-12xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1341B21E-49E9-4219-B1B0-592B180D5D09\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EAF61B9-CE12-40E9-9DCE-D3411E74BBB3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1DB530A-74B9-43DA-B8E8-A761E6A159F1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B8C8EA0-7767-4CC1-88BE-B678FAFD96C2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56929D47-3994-4008-87DA-F64AAB7EB12D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0CE864-1B46-4040-87F3-3CFE3517422C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-24xu:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7EFF383-6194-41C0-A6FE-DBF17D43EDDD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-48f:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA9254CA-6616-4743-B146-A120D97350A2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-48p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D75A217-8CDF-40B5-BB48-D018FFC6BCBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-48t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C1CD87D-3AAA-4474-8C90-26552FF5C90B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-48u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AE2EAFB-83D9-4517-9B17-3A6D3D846D9F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ws-c3850-48xs:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"819E8E03-F31D-47BF-9725-6F352924F002\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"name\": \"20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:37:54.455Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3474\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:23:15.666565Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:27:03.824Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software Web Management  Framework Vulnerabilities\", \"source\": {\"defect\": [[\"CSCvs40364\", \"CSCvs40405\"]], \"advisory\": \"cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software 16.1.1\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"datePublic\": \"2020-09-24T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"name\": \"20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-09-24T17:53:03.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"4.3\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\"}}, \"source\": {\"defect\": [[\"CSCvs40364\", \"CSCvs40405\"]], \"advisory\": \"cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco IOS XE Software 16.1.1\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr\", \"name\": \"20200924 Cisco IOS XE Software Web Management  Framework Vulnerabilities\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3474\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software Web Management  Framework Vulnerabilities\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-09-24T16:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-3474\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T17:57:33.266Z\", \"dateReserved\": \"2019-12-12T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-09-24T17:53:03.262Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.