Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-webui-multi-vfTkk7yr | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2020-09-24 18:15
Updated : 2024-02-28 18:08
NVD link : CVE-2020-3475
Mitre link : CVE-2020-3475
CVE.ORG link : CVE-2020-3475
JSON object : View
Products Affected
cisco
- ws-c3650-48fd
- catalyst_c9300-48s
- ws-c3850-12xs
- ws-c3850-24s
- catalyst_c9300l-24t-4g
- catalyst_9800-cl
- ws-c3650-8x24uq
- catalyst_c9300-48t
- asr_1002-hx
- ws-c3850-48f
- catalyst_c9300l-48p-4g
- ws-c3650-24pd
- catalyst_c9500-24y4c
- catalyst_c9300-24s
- catalyst_9800-l
- 1160_integrated_services_router
- catalyst_c9300-24p
- ws-c3650-24ts
- ws-c3650-24pdm
- catalyst_c9300-24u
- ws-c3850-48p
- catalyst_c9200l-24pxg-2y
- catalyst_c9200-24p
- catalyst_c9200l-48pxg-4x
- ws-c3650-48td
- 111x_integrated_services_router
- ws-c3650-48tq
- ws-c3650-48pd
- ws-c3650-48pq
- ws-c3650-12x48uq
- ws-c3650-48fq
- ws-c3650-48ts
- catalyst_c9200l-48p-4x
- catalyst_c9300l-48p-4x
- ws-c3850-24u
- catalyst_9800-80
- 1120_integrated_services_router
- 1109_integrated_services_router
- catalyst_c9200l-24t-4x
- catalyst_c9300-48un
- 1111x_integrated_services_router
- asr_1002-x
- ws-c3850-12x48u
- catalyst_9800-l-f
- ws-c3650-48ps
- ws-c3850-12s
- catalyst_c9500-16x
- catalyst_c9300l-24p-4x
- asr_1001-x
- asr_1006-x
- catalyst_c9200l-48t-4x
- catalyst_c9500-40x
- ws-c3850
- asr_1001-hx
- catalyst_c9200l-48p-4g
- catalyst_c9300-48p
- catalyst_c9200l-24pxg-4x
- ios
- catalyst_c9300l-24p-4g
- catalyst_c9200l-24p-4x
- catalyst_c9200-48t
- catalyst_c9500-32qc
- catalyst_c9300-24t
- ws-c3850-48t
- asr_1006
- catalyst_c9300l-24t-4x
- catalyst_c9300-24ux
- ws-c3650-48fs
- catalyst_c9300-48uxm
- catalyst_c9200l-24t-4g
- catalyst_9800-40
- ws-c3650-24td
- asr_1004
- catalyst_c9500-24q
- catalyst_c9200l-48t-4g
- catalyst_c9200-48p
- ws-c3850-24p
- catalyst_c9300l-48t-4g
- ws-c3650-24ps
- ws-c3850-24t
- catalyst_9800-l-c
- 1101_integrated_services_router
- asr_1009-x
- ws-c3850-24xu
- ws-c3650-48fqm
- ws-c3650-12x48ur
- ws-c3850-48xs
- ws-c3650-12x48uz
- catalyst_c9500-48y4c
- catalyst_c9200-24t
- catalyst_c9500-32c
- catalyst_c9200l-48pxg-2y
- ws-c3850-48u
- catalyst_c9500-12q
- catalyst_c9300-48u
- asr_1013
- 1100_integrated_services_router
- catalyst_c9300l-48t-4x
- ws-c3850-24xs
- catalyst_c9200l-24p-4g
CWE
CWE-20
Improper Input Validation