Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2020-3214

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

  • Published: Jun 3, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-3214
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.7
  • AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
cisco / ios_xe 16.11.1 16.11.1.x
cisco / ios_xe 16.11.1a 16.11.1a.x
cisco / ios_xe 16.11.1b 16.11.1b.x
cisco / ios_xe 16.11.1c 16.11.1c.x
cisco / ios_xe 16.11.1s 16.11.1s.x
cisco / ios_xe 16.11.2 16.11.2.x
cisco / ios_xe 16.12.1 16.12.1.x
cisco / ios_xe 16.12.1a 16.12.1a.x
cisco / ios_xe 16.12.1c 16.12.1c.x
cisco / ios_xe 16.12.1s 16.12.1s.x
cisco / ios_xe 16.12.1t 16.12.1t.x
cisco / ios_xe 16.12.1w 16.12.1w.x
cisco / ios_xe 16.12.1x 16.12.1x.x