Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| Link | Resource |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-priv-esc-K8zvEWM | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
23 May 2023, 13:55
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:isr1100-4gltena:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100-6g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100-4g:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr1100-4gltegb:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:* |
22 May 2023, 18:57
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:isr_1101:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109-2p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1111x-8p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1160:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1100-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_111x:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1101-4p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:isr_1109:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:* |
22 May 2023, 17:08
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:cisco:integrated_services_router_4331:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:integrated_services_router_4451:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:integrated_services_router_4221:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:integrated_services_router_4431:-:*:*:*:*:*:*:* |
cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:* |
13 Jul 2021, 17:53
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:cisco:ios_xe:17.2.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:ios_xe:17.4.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:ios_xe:16.9.4:*:*:*:*:*:*:* |
cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios_xe:17.3:*:*:*:*:*:*:* |
Information
Published : 2020-09-24 18:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-3141
Mitre link : CVE-2020-3141
CVE.ORG link : CVE-2020-3141
JSON object : View
Products Affected
cisco
- ws-c3850-12x48u
- ws-c3850-24xu
- 4461_integrated_services_router
- catalyst_c9300l-48p-4x
- asr_1004
- ws-c3850-24xs
- catalyst_c9300l-24p-4g
- catalyst_c9300-24s
- catalyst_c9200l-48p-4x
- catalyst_c9300-48un
- catalyst_c9200-48p
- catalyst_c9300-48uxm
- 1109_integrated_services_router
- catalyst_c9200-24p
- catalyst_c9500-12q
- catalyst_c9300l-48p-4g
- catalyst_c9300l-24p-4x
- ws-c3650-48fd
- 1100-lte_integrated_services_router
- ws-c3650-48fs
- catalyst_c9200l-24t-4x
- catalyst_c9200-48t
- asr1001-hx
- catalyst_c9300-24t
- catalyst_9800-80
- catalyst_9800-l-c
- ws-c3650-12x48ur
- 1100-6g_integrated_services_router
- ws-c3850-12s
- ws-c3650-48pd
- catalyst_c9300-48p
- catalyst_9800-40
- catalyst_c9500-32c
- asr_1013
- catalyst_c9300-24ux
- catalyst_9800-cl
- ws-c3850-24u
- asr1001-x-rf
- catalyst_c9500-24y4c
- 4331_integrated_services_router
- ws-c3850-12xs
- 4431_integrated_services_router
- catalyst_c9200l-24p-4x
- ws-c3850-24p
- ws-c3650-48pq
- 1109-4p_integrated_services_router
- ws-c3650-48tq
- catalyst_c9200l-24pxg-4x
- ws-c3850-48u
- asr1001-x-ws
- asr1001-hx-rf
- ws-c3650-48fq
- ws-c3850-24t
- ws-c3850-24s
- ios_xe
- asr_1006
- asr_1001
- catalyst_c9200l-48t-4g
- catalyst_c9200l-24pxg-2y
- 1109-2p_integrated_services_router
- catalyst_c9500-32qc
- catalyst_c9300l-48t-4g
- catalyst_c9300-24p
- catalyst_c9300l-48t-4x
- 1100-4g_integrated_services_router
- ws-c3850
- ws-c3650-24pd
- catalyst_9800-l-f
- catalyst_c9200l-24t-4g
- 4451_integrated_services_router
- catalyst_c9404r
- ws-c3650-24ps
- catalyst_c9500-40x
- catalyst_c9500-16x
- catalyst_c9200l-48pxg-2y
- ws-c3650-12x48uz
- catalyst_c9200l-48t-4x
- ws-c3650-24ts
- asr_1002
- 1100-4gltena_integrated_services_router
- asr1002-hx-ws
- catalyst_c9300l-24t-4g
- ws-c3650-24pdm
- asr_1002-x
- 1101_integrated_services_router
- csr_1000v
- ws-c3650-48ps
- ws-c3650-48ts
- catalyst_c9200l-48pxg-4x
- ws-c3850-48f
- 1120_integrated_services_router
- ws-c3650-12x48uq
- catalyst_c9500-48y4c
- catalyst_c9300l-24t-4x
- 1111x_integrated_services_router
- asr1002-x-ws
- catalyst_c9300-48t
- catalyst_c9500-24q
- catalyst_c9300-48s
- asr_1000-x
- catalyst_c9410r
- 1100-4gltegb_integrated_services_router
- ws-c3650-8x24uq
- 1100-8p_integrated_services_router
- catalyst_c9200l-24p-4g
- asr1002-hx
- ws-c3650-24td
- asr_1001-x
- 1100_integrated_services_router
- ws-c3650-48fqm
- catalyst_c9300-24u
- catalyst_c9200-24t
- 1160_integrated_services_router
- 1111x-8p_integrated_services_router
- asr1002-hx-rf
- 1100-4p_integrated_services_router
- ws-c3650-48td
- 1101-4p_integrated_services_router
- catalyst_c9200l-48p-4g
- 4221_integrated_services_router
- asr1002-x-rf
- ws-c3850-48t
- ws-c3850-48p
- ws-c3850-48xs
- catalyst_c9300-48u
- 111x_integrated_services_router
- catalyst_c9407r
- catalyst_9800-l
CWE