CVE-2020-3396

{"id": "CVE-2020-3396", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 0.5}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 0.5}]}, "published": "2020-09-24T18:15:17.683", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-usb-guestshell-WmevScDj", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability occurs because the USB 3.0 SSD control data is not stored on the internal boot flash. An attacker could exploit this vulnerability by removing the USB 3.0 SSD, modifying or deleting files on the USB 3.0 SSD by using another device, and then reinserting the USB 3.0 SSD on the original device. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container with root privileges."}, {"lang": "es", "value": "Una vulnerabilidad en el sistema de archivos en la USB 3.0 Solid State Drive (SSD) conectable para el Cisco IOS XE Software, podr\u00eda permitir a un atacante f\u00edsico autenticado eliminar el SSD USB 3.0 y modificar \u00e1reas sensibles del sistema de archivos, incluyendo las protecciones del contenedor de espacio de nombres. La vulnerabilidad se produce porque los datos de control del SSD USB 3.0 no se almacenan en la memoria flash de arranque interna. Un atacante podr\u00eda explotar esta vulnerabilidad quitando el SSD USB 3.0, modificando o eliminando archivos en el SSD USB 3.0 usando otro dispositivo y luego reinsertando el SSD USB 3.0 en el dispositivo original. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante eliminar las protecciones del contenedor y realizar acciones de archivos fuera del espacio de nombres del contenedor con privilegios root."}], "lastModified": "2023-11-07T03:22:40.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"}, {"criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB"}, {"criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8"}, {"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"}, {"criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5"}, {"criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822"}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "05C90C43-2D7D-43F8-AD7F-421878909AE2"}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "445597DA-7EEC-470D-9A71-BC43A9F7DE5E"}, {"criteria": "cpe:2.3:h:cisco:4321\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "86049773-C88D-4A26-A0D3-D40F3C312AEC"}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6AB4B7C2-4D45-4267-BCBB-57D36C6104A3"}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B8A4630-8B21-4994-8EF5-E105593A64E5"}, {"criteria": "cpe:2.3:h:cisco:4331\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F799DC02-EB06-458C-8545-A174475FE7A2"}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B89FBA68-A8ED-4C5A-916E-A68468F59730"}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD272E6E-2ED1-4408-8FF7-0B82F9DCBEF8"}, {"criteria": "cpe:2.3:h:cisco:4351\\/k9_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC278B77-AD63-42AD-B9E8-EE4DE97E27E9"}, {"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299"}, {"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E"}, {"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A"}, {"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F"}, {"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F"}, {"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B"}, {"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D"}, {"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302"}, {"criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9A46D298-1685-410E-879C-2EBC45C185AC"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "196A7C06-8371-479D-973D-591DEB181739"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE42511E-9883-4779-A8E5-FC3E16EF2793"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DB06AD21-91A7-46B8-8F44-683828A5422D"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5DA169AF-3743-4051-B63B-FF6E1ADCD886"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7D13CF5B-4482-4C7D-8D6A-E220F3E4F868"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "92134C0A-4E5B-43EF-8439-484DF504C43C"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "26ECF9BD-F632-4A02-8993-C0D44B91289C"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "48730DB5-94AF-4BE7-8047-52B8B47CE35A"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E3A88142-3284-4C25-8774-36004B5F9087"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8EB76311-4B6D-4897-A683-4244E92BD570"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDDA2975-CDB7-4182-A03E-D34F15CDF6F1"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "35B9D0B5-4BE1-490E-9A68-00A3D357BC3D"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "71FA2F5A-6146-4142-96A8-552118E4BB67"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BEF786D6-F28F-49D8-A15C-BFD0AA934355"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1FEFF895-6E4A-4108-BD25-D7DC83154832"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A485A9A0-2EEC-4C13-846C-0DE2265B2A31"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B9F1ACA-9D67-4BF0-A357-40D39A61ED00"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B2E41E2-00CE-42C4-8C91-9307D76F5D7A"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98CB2D23-B5F8-4FA9-8431-3B0124CE2140"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "53D13F1D-345D-45D5-9000-DAFE8A85D71B"}, {"criteria": "cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8CFB064E-E390-47B5-AA76-5D3D2E368055"}, {"criteria": "cpe:2.3:h:cisco:csr1000v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62081293-8355-4197-A5A8-1E434B808680"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}