CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3447

A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to excessive verbosity in certain log subscriptions. An attacker could exploit this vulnerability by accessing specific log files on an affected device. A successful exploit could allow the attacker to obtain sensitive log data, which may include user credentials. To exploit this vulnerability, the attacker would need to have valid credentials at the operator level or higher on the affected device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.0

References

Products affected by CVE-2020-3447

Cisco » Content Security Management Appliance » Version: N/A

cpe:2.3:a:cisco:content_security_management_appliance:-
Cisco » Content Security Management Appliance » Version: 10.0.0-203

cpe:2.3:a:cisco:content_security_management_appliance:10.0.0-203
Cisco » Content Security Management Appliance » Version: 10.1.0-037

cpe:2.3:a:cisco:content_security_management_appliance:10.1.0-037
Cisco » Content Security Management Appliance » Version: 10.1.0-049

cpe:2.3:a:cisco:content_security_management_appliance:10.1.0-049
Cisco » Content Security Management Appliance » Version: 11.4.0-812

cpe:2.3:a:cisco:content_security_management_appliance:11.4.0-812
Cisco » Content Security Management Appliance » Version: 12.0

cpe:2.3:a:cisco:content_security_management_appliance:12.0
Cisco » Content Security Management Appliance » Version: 12.0.1

cpe:2.3:a:cisco:content_security_management_appliance:12.0.1
Cisco » Content Security Management Appliance » Version: 12.5.0

cpe:2.3:a:cisco:content_security_management_appliance:12.5.0
Cisco » Content Security Management Appliance » Version: 12.5.0-436

cpe:2.3:a:cisco:content_security_management_appliance:12.5.0-436
Cisco » Content Security Management Appliance » Version: 12.8.1-002

cpe:2.3:a:cisco:content_security_management_appliance:12.8.1-002
Cisco » Content Security Management Appliance » Version: 13.0.0-249

cpe:2.3:a:cisco:content_security_management_appliance:13.0.0-249
Cisco » Content Security Management Appliance » Version: 13.5.0-114

cpe:2.3:a:cisco:content_security_management_appliance:13.5.0-114
Cisco » Content Security Management Appliance » Version: 13.5.0-117

cpe:2.3:a:cisco:content_security_management_appliance:13.5.0-117
Cisco » Content Security Management Appliance » Version: 13.6.0

cpe:2.3:a:cisco:content_security_management_appliance:13.6.0
Cisco » Content Security Management Appliance » Version: 13.6.0-157

cpe:2.3:a:cisco:content_security_management_appliance:13.6.0-157
Cisco » Content Security Management Appliance » Version: 13.6.1-193

cpe:2.3:a:cisco:content_security_management_appliance:13.6.1-193
Cisco » Content Security Management Appliance » Version: 8.3.6-039

cpe:2.3:a:cisco:content_security_management_appliance:8.3.6-039
Cisco » Content Security Management Appliance » Version: 9.1.0

cpe:2.3:a:cisco:content_security_management_appliance:9.1.0
Cisco » Content Security Management Appliance » Version: 9.1.0-031

cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-031
Cisco » Content Security Management Appliance » Version: 9.1.0-033

cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-033
Cisco » Content Security Management Appliance » Version: 9.1.0-103

cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-103
Cisco » Content Security Management Appliance » Version: 9.1.0-31

cpe:2.3:a:cisco:content_security_management_appliance:9.1.0-31
Cisco » Content Security Management Appliance » Version: 9.5.0

cpe:2.3:a:cisco:content_security_management_appliance:9.5.0
Cisco » Content Security Management Appliance » Version: 9.6.0

cpe:2.3:a:cisco:content_security_management_appliance:9.6.0
Cisco » Content Security Management Appliance » Version: 9.6.6-068

cpe:2.3:a:cisco:content_security_management_appliance:9.6.6-068
Cisco » Content Security Management Appliance » Version: 9.7.0-006

cpe:2.3:a:cisco:content_security_management_appliance:9.7.0-006
Cisco » Email Security Appliance » Version: N/A

cpe:2.3:a:cisco:email_security_appliance:-
Cisco » Email Security Appliance » Version: 10.0.0-203

cpe:2.3:a:cisco:email_security_appliance:10.0.0-203
Cisco » Email Security Appliance » Version: 10.0.0-232

cpe:2.3:a:cisco:email_security_appliance:10.0.0-232
Cisco » Email Security Appliance » Version: 10.1.0-049

cpe:2.3:a:cisco:email_security_appliance:10.1.0-049
Cisco » Email Security Appliance » Version: 11.0.1-hp5-602

cpe:2.3:a:cisco:email_security_appliance:11.0.1-hp5-602
Cisco » Email Security Appliance » Version: 11.1.0-131

cpe:2.3:a:cisco:email_security_appliance:11.1.0-131
Cisco » Email Security Appliance » Version: 11.1.0-404

cpe:2.3:a:cisco:email_security_appliance:11.1.0-404
Cisco » Email Security Appliance » Version: 11.1.2

cpe:2.3:a:cisco:email_security_appliance:11.1.2
Cisco » Email Security Appliance » Version: 11.1.2-023

cpe:2.3:a:cisco:email_security_appliance:11.1.2-023
Cisco » Email Security Appliance » Version: 11.1.8-076

cpe:2.3:a:cisco:email_security_appliance:11.1.8-076
Cisco » Email Security Appliance » Version: 12.0.0

cpe:2.3:a:cisco:email_security_appliance:12.0.0
Cisco » Email Security Appliance » Version: 12.0.0-208

cpe:2.3:a:cisco:email_security_appliance:12.0.0-208
Cisco » Email Security Appliance » Version: 12.0.0-419

cpe:2.3:a:cisco:email_security_appliance:12.0.0-419
Cisco » Email Security Appliance » Version: 12.5.0

cpe:2.3:a:cisco:email_security_appliance:12.5.0
Cisco » Email Security Appliance » Version: 12.5.0-066

cpe:2.3:a:cisco:email_security_appliance:12.5.0-066
Cisco » Email Security Appliance » Version: 12.5.1-031

cpe:2.3:a:cisco:email_security_appliance:12.5.1-031
Cisco » Email Security Appliance » Version: 12.5.1-037

cpe:2.3:a:cisco:email_security_appliance:12.5.1-037
Cisco » Email Security Appliance » Version: 12.5.3-041

cpe:2.3:a:cisco:email_security_appliance:12.5.3-041
Cisco » Email Security Appliance » Version: 13.0

cpe:2.3:a:cisco:email_security_appliance:13.0
Cisco » Email Security Appliance » Version: 13.0.0

cpe:2.3:a:cisco:email_security_appliance:13.0.0
Cisco » Email Security Appliance » Version: 13.0.0-226

cpe:2.3:a:cisco:email_security_appliance:13.0.0-226
Cisco » Email Security Appliance » Version: 13.0.0-311

cpe:2.3:a:cisco:email_security_appliance:13.0.0-311
Cisco » Email Security Appliance » Version: 13.0.0-314

cpe:2.3:a:cisco:email_security_appliance:13.0.0-314
Cisco » Email Security Appliance » Version: 13.0.0-375

cpe:2.3:a:cisco:email_security_appliance:13.0.0-375
Cisco » Email Security Appliance » Version: 13.0.0-392

cpe:2.3:a:cisco:email_security_appliance:13.0.0-392
Cisco » Email Security Appliance » Version: 13.0.1

cpe:2.3:a:cisco:email_security_appliance:13.0.1
Cisco » Email Security Appliance » Version: 13.0.5-007

cpe:2.3:a:cisco:email_security_appliance:13.0.5-007
Cisco » Email Security Appliance » Version: 13.5.0

cpe:2.3:a:cisco:email_security_appliance:13.5.0
Cisco » Email Security Appliance » Version: 7.1.0

cpe:2.3:a:cisco:email_security_appliance:7.1.0
Cisco » Email Security Appliance » Version: 7.1.1

cpe:2.3:a:cisco:email_security_appliance:7.1.1
Cisco » Email Security Appliance » Version: 7.1.2

cpe:2.3:a:cisco:email_security_appliance:7.1.2
Cisco » Email Security Appliance » Version: 7.1.3

cpe:2.3:a:cisco:email_security_appliance:7.1.3
Cisco » Email Security Appliance » Version: 7.1.4

cpe:2.3:a:cisco:email_security_appliance:7.1.4
Cisco » Email Security Appliance » Version: 7.1.5

cpe:2.3:a:cisco:email_security_appliance:7.1.5
Cisco » Email Security Appliance » Version: 7.3.0

cpe:2.3:a:cisco:email_security_appliance:7.3.0
Cisco » Email Security Appliance » Version: 7.3.1

cpe:2.3:a:cisco:email_security_appliance:7.3.1
Cisco » Email Security Appliance » Version: 7.3.2

cpe:2.3:a:cisco:email_security_appliance:7.3.2
Cisco » Email Security Appliance » Version: 7.5.0

cpe:2.3:a:cisco:email_security_appliance:7.5.0
Cisco » Email Security Appliance » Version: 7.5.1

cpe:2.3:a:cisco:email_security_appliance:7.5.1
Cisco » Email Security Appliance » Version: 7.5.2

cpe:2.3:a:cisco:email_security_appliance:7.5.2
Cisco » Email Security Appliance » Version: 7.5.2-201

cpe:2.3:a:cisco:email_security_appliance:7.5.2-201
Cisco » Email Security Appliance » Version: 7.5.2-hp2-303

cpe:2.3:a:cisco:email_security_appliance:7.5.2-hp2-303
Cisco » Email Security Appliance » Version: 7.6.0

cpe:2.3:a:cisco:email_security_appliance:7.6.0
Cisco » Email Security Appliance » Version: 7.6.1-000

cpe:2.3:a:cisco:email_security_appliance:7.6.1-000
Cisco » Email Security Appliance » Version: 7.6.1-gpl-022

cpe:2.3:a:cisco:email_security_appliance:7.6.1-gpl-022
Cisco » Email Security Appliance » Version: 7.6.2

cpe:2.3:a:cisco:email_security_appliance:7.6.2
Cisco » Email Security Appliance » Version: 7.6.3-000

cpe:2.3:a:cisco:email_security_appliance:7.6.3-000
Cisco » Email Security Appliance » Version: 7.6.3-025

cpe:2.3:a:cisco:email_security_appliance:7.6.3-025
Cisco » Email Security Appliance » Version: 7.7.0-000

cpe:2.3:a:cisco:email_security_appliance:7.7.0-000
Cisco » Email Security Appliance » Version: 7.7.1-000

cpe:2.3:a:cisco:email_security_appliance:7.7.1-000
Cisco » Email Security Appliance » Version: 7.8.0

cpe:2.3:a:cisco:email_security_appliance:7.8.0
Cisco » Email Security Appliance » Version: 7.8.0-311

cpe:2.3:a:cisco:email_security_appliance:7.8.0-311
Cisco » Email Security Appliance » Version: 8.0.1-023

cpe:2.3:a:cisco:email_security_appliance:8.0.1-023
Cisco » Email Security Appliance » Version: 8.0_base

cpe:2.3:a:cisco:email_security_appliance:8.0_base
Cisco » Email Security Appliance » Version: 8.5.0-000

cpe:2.3:a:cisco:email_security_appliance:8.5.0-000
Cisco » Email Security Appliance » Version: 8.5.0-er1-198

cpe:2.3:a:cisco:email_security_appliance:8.5.0-er1-198
Cisco » Email Security Appliance » Version: 8.5.1-021

cpe:2.3:a:cisco:email_security_appliance:8.5.1-021
Cisco » Email Security Appliance » Version: 8.5.6-052

cpe:2.3:a:cisco:email_security_appliance:8.5.6-052
Cisco » Email Security Appliance » Version: 8.5.6-073

cpe:2.3:a:cisco:email_security_appliance:8.5.6-073
Cisco » Email Security Appliance » Version: 8.5.6-074

cpe:2.3:a:cisco:email_security_appliance:8.5.6-074
Cisco » Email Security Appliance » Version: 8.5.6-106

cpe:2.3:a:cisco:email_security_appliance:8.5.6-106
Cisco » Email Security Appliance » Version: 8.5.6-113

cpe:2.3:a:cisco:email_security_appliance:8.5.6-113
Cisco » Email Security Appliance » Version: 8.5.7-042

cpe:2.3:a:cisco:email_security_appliance:8.5.7-042
Cisco » Email Security Appliance » Version: 8.6.0

cpe:2.3:a:cisco:email_security_appliance:8.6.0
Cisco » Email Security Appliance » Version: 8.6.0-011

cpe:2.3:a:cisco:email_security_appliance:8.6.0-011
Cisco » Email Security Appliance » Version: 8.9.0

cpe:2.3:a:cisco:email_security_appliance:8.9.0
Cisco » Email Security Appliance » Version: 8.9.1-000

cpe:2.3:a:cisco:email_security_appliance:8.9.1-000
Cisco » Email Security Appliance » Version: 8.9.2-032

cpe:2.3:a:cisco:email_security_appliance:8.9.2-032
Cisco » Email Security Appliance » Version: 9.0.0

cpe:2.3:a:cisco:email_security_appliance:9.0.0
Cisco » Email Security Appliance » Version: 9.0.0-212

cpe:2.3:a:cisco:email_security_appliance:9.0.0-212
Cisco » Email Security Appliance » Version: 9.0.0-461

cpe:2.3:a:cisco:email_security_appliance:9.0.0-461
Cisco » Email Security Appliance » Version: 9.0.5-000

cpe:2.3:a:cisco:email_security_appliance:9.0.5-000
Cisco » Email Security Appliance » Version: 9.1.0

cpe:2.3:a:cisco:email_security_appliance:9.1.0
Cisco » Email Security Appliance » Version: 9.1.0-011

cpe:2.3:a:cisco:email_security_appliance:9.1.0-011
Cisco » Email Security Appliance » Version: 9.1.0-032

cpe:2.3:a:cisco:email_security_appliance:9.1.0-032
Cisco » Email Security Appliance » Version: 9.1.0-101

cpe:2.3:a:cisco:email_security_appliance:9.1.0-101
Cisco » Email Security Appliance » Version: 9.1.1-000

cpe:2.3:a:cisco:email_security_appliance:9.1.1-000
Cisco » Email Security Appliance » Version: 9.1.1-036

cpe:2.3:a:cisco:email_security_appliance:9.1.1-036
Cisco » Email Security Appliance » Version: 9.4.0

cpe:2.3:a:cisco:email_security_appliance:9.4.0
Cisco » Email Security Appliance » Version: 9.4.4-000

cpe:2.3:a:cisco:email_security_appliance:9.4.4-000
Cisco » Email Security Appliance » Version: 9.5.0-000

cpe:2.3:a:cisco:email_security_appliance:9.5.0-000
Cisco » Email Security Appliance » Version: 9.5.0-201

cpe:2.3:a:cisco:email_security_appliance:9.5.0-201
Cisco » Email Security Appliance » Version: 9.6.0-000

cpe:2.3:a:cisco:email_security_appliance:9.6.0-000
Cisco » Email Security Appliance » Version: 9.6.0-042

cpe:2.3:a:cisco:email_security_appliance:9.6.0-042
Cisco » Email Security Appliance » Version: 9.6.0-051

cpe:2.3:a:cisco:email_security_appliance:9.6.0-051
Cisco » Email Security Appliance » Version: 9.7.0-125

cpe:2.3:a:cisco:email_security_appliance:9.7.0-125
Cisco » Email Security Appliance » Version: 9.7.1-066

cpe:2.3:a:cisco:email_security_appliance:9.7.1-066
Cisco » Email Security Appliance » Version: 9.7.1-hp2-207

cpe:2.3:a:cisco:email_security_appliance:9.7.1-hp2-207
Cisco » Email Security Appliance » Version: 9.7.2-065

cpe:2.3:a:cisco:email_security_appliance:9.7.2-065
Cisco » Email Security Appliance » Version: 9.8.5-085

cpe:2.3:a:cisco:email_security_appliance:9.8.5-085
Cisco » Email Security Appliance » Version: 9.9.6-026

cpe:2.3:a:cisco:email_security_appliance:9.9.6-026
Cisco » Email Security Appliance » Version: 9.9_base

cpe:2.3:a:cisco:email_security_appliance:9.9_base

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3447

Products

Pricing

Contact Us