CVE-2020-3530

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.

CVSS v3 8.4 HIGH
CVSS v2.0 5.6 MEDIUM

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.0 / Impact : 5.8

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

5.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:C

Exploitability : 3.9 / Impact : 7.8

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact COMPLETE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:asr_9000v:-:::::::*
	cpe:2.3:h:cisco:asr_9001:-:::::::*
	cpe:2.3:h:cisco:asr_9006:-:::::::*
	cpe:2.3:h:cisco:asr_9010:-:::::::*
	cpe:2.3:h:cisco:asr_9901:-:::::::*
	cpe:2.3:h:cisco:asr_9904:-:::::::*
	cpe:2.3:h:cisco:asr_9906:-:::::::*
	cpe:2.3:h:cisco:asr_9910:-:::::::*
	cpe:2.3:h:cisco:asr_9912:-:::::::*
	cpe:2.3:h:cisco:asr_9922:-:::::::*
	cpe:2.3:h:cisco:ncs_1001:-:::::::*
	cpe:2.3:h:cisco:ncs_1002:-:::::::*
	cpe:2.3:h:cisco:ncs_1004:-:::::::*
	cpe:2.3:h:cisco:ncs_5001:-:::::::*
	cpe:2.3:h:cisco:ncs_5002:-:::::::*
	cpe:2.3:h:cisco:ncs_5011:-:::::::*
	cpe:2.3:h:cisco:ncs_5501:-:::::::*
	cpe:2.3:h:cisco:ncs_5501-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5502:-:::::::*
	cpe:2.3:h:cisco:ncs_5502-se:-:::::::*
	cpe:2.3:h:cisco:ncs_5508:-:::::::*
	cpe:2.3:h:cisco:ncs_5516:-:::::::*

History

No history.

Information

Published : 2020-09-04 03:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-3530

Mitre link : CVE-2020-3530

CVE.ORG link : CVE-2020-3530

JSON object : View

Products Affected

cisco

ncs_1004
ncs_5502
ncs_5508
asr_9010
ncs_5002
asr_9000v
asr_9912
ncs_5001
ios_xr
ncs_1002
ncs_5011
asr_9006
ncs_5516
ncs_5501
asr_9904
asr_9901
asr_9910
asr_9922
asr_9906
ncs_1001
asr_9001
ncs_5502-se
ncs_5501-se

CWE

CWE-863

Incorrect Authorization

CWE-264

Permissions, Privileges, and Access Controls

8.4 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

5.6 /10

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2020-3530

8.4^/10

5.6^/10

Attach tags to `CVE-2020-3530`