Vulnerability Details CVE-2020-3115
A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-3115
-
cpe:2.3:h:cisco:vedge-1000:-
-
cpe:2.3:h:cisco:vedge-100:-
-
cpe:2.3:h:cisco:vedge-100b:-
-
cpe:2.3:h:cisco:vedge-2000:-
-
cpe:2.3:h:cisco:vedge-5000:-
-
cpe:2.3:h:cisco:vedge_100m:-
-
cpe:2.3:h:cisco:vedge_100wm:-
-
cpe:2.3:o:cisco:sd-wan_firmware:18.4.1
-
cpe:2.3:o:cisco:sd-wan_firmware:19.1.0