CVE-2020-3257

Published Jun 3, 2020

Last updated 3 months ago

CVSS high 8.1

Overview

Description: Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Severity: HIGH

CVSS 3.0

Type: Secondary
Base score: 8.1
Impact score: 5.2
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 4.8
Impact score: 4.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:P/A:P

Weaknesses

ykramarz@cisco.com: CWE-20
nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.8\\(3.0z\\)m1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02EC0719-9B7C-48FA-8354-B1433F3C5435"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:15.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFA9B42B-5D01-40F8-9981-7E094534F3C6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir809g-lte-ga-k9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "47B4B073-21C9-43EC-9F3E-6B9E14302D49"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir809g-lte-la-k9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "661C304A-BE1A-4A5A-8B35-B18725082AB2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir809g-lte-na-k9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1189BB4A-AE5E-450E-AC4C-B5A03172799F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir809g-lte-vz-k9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "168FA298-68C0-4BB1-A94A-21E3615FBA6C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB62C534-29F8-48CA-9D45-42C49CE68577"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B670C5A3-4E19-428F-87D0-C2B12EE2CB92"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6BF5C3D3-833D-405B-8E1E-ED3BC29CD5E0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F8D39174-298E-4C06-A289-B0C4585B2E99"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CB259DDC-AB98-405E-A369-49A3B89F48F5"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "99B57D05-6702-4026-9E36-0CBEC6BE8001"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC62F7A8-9D57-4703-A7DF-451C2CA75919"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "78F497A3-8153-4524-9E8D-2CFDCF2ADCDE"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "61BD4298-A8D5-4D7C-A9D9-694606042C12"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References