CVE-2020-3364

Published Jun 18, 2020

Last updated 3 months ago

CVSS medium 5.3

Overview

Description: A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XR Software, which prevents the ACL from working when applied against the standby route processor management interface. An attacker could exploit this vulnerability by attempting to access the device through the standby route processor management interface.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM

CVSS 3.0

Type: Secondary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

ykramarz@cisco.com: CWE-284
nvd@nist.gov: CWE-863

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB06AB15-7F91-4B17-BBBD-AC4E4D1EBF9E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "921B3622-76A3-4D9F-936C-25A965CE1A0E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56092600-ABD2-4703-BA00-9DD0AE09B46D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E90BEFD1-AAA5-4D39-A180-4B5ED3427AFC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48928FFF-871C-4C07-8352-8C802FAD8F53"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References