fkie_cve-2020-3446
Vulnerability from fkie_nvd
Published
2020-08-26 17:15
Modified
2024-11-21 05:31
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password. The vulnerability exists because the affected software has user accounts with default, static passwords. An attacker with access to the NFVIS CLI of an affected device could exploit this vulnerability by logging into the CLI. A successful exploit could allow the attacker to access the NFVIS CLI with administrator privileges.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-encsw-cspw-cred-hZzL29A7Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-encsw-cspw-cred-hZzL29A7Vendor Advisory
Impacted products
Vendor Product Version
cisco encs_5406-w_firmware 6.4\(1\)
cisco encs_5406-w_firmware 6.4\(3d\)
cisco encs_5406-w -
cisco encs_5408-w_firmware 6.4\(1\)
cisco encs_5408-w_firmware 6.4\(3d\)
cisco encs_5408-w -
cisco encs_5412-w_firmware 6.4\(1\)
cisco encs_5412-w_firmware 6.4\(3d\)
cisco encs_5412-w -
cisco csp_5228-w_firmware 6.4\(1\)
cisco csp_5228-w_firmware 6.4\(3d\)
cisco csp_5228-w -
cisco csp_5436-w_firmware 6.4\(1\)
cisco csp_5436-w_firmware 6.4\(3d\)
cisco csp_5436-w -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:encs_5406-w_firmware:6.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B78D1865-1848-4287-B292-7FA8C4AF6FD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:encs_5406-w_firmware:6.4\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BC81D402-6A15-4E5C-A7DA-7F1D48902CD7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:encs_5406-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF09289-1A54-4DEC-91F2-19B29BFA71B8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:encs_5408-w_firmware:6.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "68C3631A-27FE-4DB7-97CE-B77B6AFD3972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:encs_5408-w_firmware:6.4\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BE7F9D99-F120-45D8-9474-2DFB651E9739",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:encs_5408-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE10892-2AD7-4589-A8EB-88C24D478FAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:encs_5412-w_firmware:6.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B3459B-B5A0-48E0-9349-EDD021D6FCDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:encs_5412-w_firmware:6.4\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8529924E-224C-4D0B-B223-57028CA5B22C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:encs_5412-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EF6856-22FD-49F9-AB2B-1495C9C1BE61",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:csp_5228-w_firmware:6.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3004A08F-E5B9-4628-8289-C6A2B6947BD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:csp_5228-w_firmware:6.4\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "67BA1CDE-13C7-4DBE-9104-2DE4AE20FB56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:csp_5228-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDCEF634-960D-40AA-847D-8B66E737B994",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:csp_5436-w_firmware:6.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B6823082-35DD-47F4-9A0B-00C4B6306BAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:csp_5436-w_firmware:6.4\\(3d\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7CE84787-07CA-4605-937D-B32781AE3F48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:csp_5436-w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A6D32F-47A5-411A-9013-C1D65A96CFF8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password. The vulnerability exists because the affected software has user accounts with default, static passwords. An attacker with access to the NFVIS CLI of an affected device could exploit this vulnerability by logging into the CLI. A successful exploit could allow the attacker to access the NFVIS CLI with administrator privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Cisco Virtual Wide Area Application Services (vWAAS) con im\u00e1genes incluidas en el paquete Cisco Enterprise NFV Infrastructure Software (NFVIS) para los dispositivos Cisco ENCS 5400-W Series y CSP 5000-W Series podr\u00eda permitir a un atacante remoto no autenticado iniciar sesi\u00f3n en la CLI de NFVIS de un dispositivo afectado mediante el uso de cuentas que tienen una contrase\u00f1a est\u00e1tica predeterminada. La vulnerabilidad se presenta porque el software afectado tiene cuentas de usuario con contrase\u00f1as est\u00e1ticas predeterminadas. Un atacante con acceso a la CLI de NFVIS de un dispositivo afectado podr\u00eda explotar esta vulnerabilidad mediante el inicio de sesi\u00f3n en la CLI. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante acceder a la CLI de NFVIS con privilegios de administrador"
    }
  ],
  "id": "CVE-2020-3446",
  "lastModified": "2024-11-21T05:31:04.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-08-26T17:15:13.677",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-encsw-cspw-cred-hZzL29A7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-encsw-cspw-cred-hZzL29A7"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.