A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files.
References
Configurations
History
21 Nov 2024, 05:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-file-mVnPqKW9 - Vendor Advisory |
Information
Published : 2020-06-03 18:15
Updated : 2024-11-21 05:30
NVD link : CVE-2020-3237
Mitre link : CVE-2020-3237
CVE.ORG link : CVE-2020-3237
JSON object : View
Products Affected
cisco
- iox
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')