← Retour aux CVEs
CVE-2020-3520
MEDIUM5.5
Description
A vulnerability in Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, local attacker to obtain confidential information from an affected device. The vulnerability is due to insufficient protection of confidential information on an affected device. An attacker at any privilege level could exploit this vulnerability by accessing local filesystems and extracting sensitive information from them. A successful exploit could allow the attacker to view sensitive data, which they could use to elevate their privilege.
Details CVE
Score CVSS v3.15.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie8/26/2020
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
cisco:data_center_network_manager
Faiblesses (CWE)
CWE-200CWE-200
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-infordisc-DOAXVvFV(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dcnm-infordisc-DOAXVvFV(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.