CVE-2020-3379 - OpenCVE

A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Vedge 2000 Vedge 1000 Vedge 100b Sd-wan Firmware Vedge 100wm Vedge 100m Vbond Orchestrator Vedge 5000 Vsmart Controller Vedge 100

Configuration 1 [-]

AND

cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:vedge_100:-:::::::*
	cpe:2.3:h:cisco:vedge_1000:-:::::::*
	cpe:2.3:h:cisco:vedge_100b:-:::::::*
	cpe:2.3:h:cisco:vedge_100m:-:::::::*
	cpe:2.3:h:cisco:vedge_100wm:-:::::::*
	cpe:2.3:h:cisco:vedge_2000:-:::::::*
	cpe:2.3:h:cisco:vedge_5000:-:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:cisco:vbond_orchestrator:-:::::::*
	cpe:2.3:a:cisco:vsmart_controller:-:::::::*

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2020-07-15T00:00:00

Updated: 2020-07-16T17:21:50

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3379

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-07-16T18:15:18.690

Modified: 2021-08-06T18:59:46.220

Link: CVE-2020-3379

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Cisco SD-WAN Solution ", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-264", "description": "CWE-264", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-16T17:21:50", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"}], "source": {"advisory": "cisco-sa-vmpresc-SyzcS4kC", "defect": [["CSCvi69987"]], "discovery": "INTERNAL"}, "title": "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-07-15T16:00:00", "ID": "CVE-2020-3379", "STATE": "PUBLIC", "TITLE": "Cisco SD-WAN Solution Software Privilege Escalation Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco SD-WAN Solution ", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "}], "impact": {"cvss": {"baseScore": "5.3", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L ", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-264"}]}]}, "references": {"reference_data": [{"name": "20200715 Cisco SD-WAN Solution Software Privilege Escalation Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"}]}, "source": {"advisory": "cisco-sa-vmpresc-SyzcS4kC", "defect": [["CSCvi69987"]], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3379", "datePublished": "2020-07-15T00:00:00", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2020-07-16T17:21:50", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "484C01EF-C2DE-43DB-8C3F-C2C013A182FE", "versionEndExcluding": "18.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vedge_100:-:*:*:*:*:*:*:*", "matchCriteriaId": "00AAB4DD-1C45-412F-84AA-C056A0BBFB9A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_1000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F019975D-3A45-4522-9CB9-F4258C371DF6", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100b:-:*:*:*:*:*:*:*", "matchCriteriaId": "0811E0B5-889E-451E-B754-A8FEE32BDFA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100m:-:*:*:*:*:*:*:*", "matchCriteriaId": "36973815-F46D-4ADA-B9DF-BCB70AC60BD3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_100wm:-:*:*:*:*:*:*:*", "matchCriteriaId": "061A302C-8D35-4E80-93DA-916DA7E90C06", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "140AF13E-4463-478B-AA94-97406A80CB86", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:vedge_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "1356861D-E6CA-4973-9597-629507E8C07E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:vbond_orchestrator:-:*:*:*:*:*:*:*", "matchCriteriaId": "BA648664-0734-4D02-8944-CA4DF4D756D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:vsmart_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F16884C-A2EE-4867-8806-6418E000078C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco SD-WAN Solution Software could allow an authenticated, local attacker to elevate privileges to Administrator on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain administrative privileges."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco SD-WAN Solution Software podr\u00eda permitir a un atacante local autenticado elevar los privilegios a Administrator en el sistema operativo subyacente. La vulnerabilidad es debido a una comprobaci\u00f3n de entrada insuficiente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n dise\u00f1ada hacia un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir privilegios administrativos"}], "id": "CVE-2020-3379", "lastModified": "2021-08-06T18:59:46.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-16T18:15:18.690", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmpresc-SyzcS4kC"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-264"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}