Multiple vulnerabilities in Cisco IOS XE Software
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-3219 CVE-2020-3207 |
| CWE-ID | CWE-77 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco IOS XE Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Command Injection
EUVDB-ID: #VU28760
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3219
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the system.
The vulnerability exists due to improper input sanitization in the web UI. A remote authenticated attacker can submit a specially crafted input and execute arbitrary commands on the target system.
This vulnerability affects the following products if they are running affected release of Cisco IOS XE Software:
- Cisco Catalyst 3850 Series Switches
- Cisco Catalyst 3650 Series Switches
- Cisco Catalyst 9300 Series Switches
- Cisco Catalyst 9500 Series Switches
- Cisco Catalyst 9200 Series Switches
Mitigation
Install updates from vendor's website.
Vulnerable software versionsCisco IOS XE: Gibraltar 16.11.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-web-cmdinj2-fOnjk2LD
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command Injection
EUVDB-ID: #VU28761
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-3207
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary commands on the system.
The vulnerability exists due to insufficient input validation checks while processing boot options. A local administrator can modify device boot options and execute arbitrary commands on the target system.
This vulnerability affects the following products if they are running affected release of Cisco IOS XE Software:
- Catalyst 3650 Series Switches
- Catalyst 3850 Series Switches
- Catalyst 9200 Series Switches
- Catalyst 9300 Series Switches
- Catalyst 9500 Series Switches
Mitigation
Install updates from vendor's website.
Vulnerable software versionsCisco IOS XE: 16.10.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ngwc-cmdinj-KEwWVWR
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
