CVE-2020-3411

A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. The vulnerability is due to improper handling of authentication tokens by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker access to sensitive device information, which includes configuration files.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*

History

06 Aug 2021, 18:57

Type Values Removed Values Added
CWE CWE-200 CWE-287

Information

Published : 2020-08-17 18:15

Updated : 2023-12-10 13:27


NVD link : CVE-2020-3411

Mitre link : CVE-2020-3411

CVE.ORG link : CVE-2020-3411


JSON object : View

Products Affected

cisco

  • dna_center
CWE
CWE-287

Improper Authentication

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor