cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-3425,https://securityvulnerability.io/vulnerability/CVE-2020-3425,Cisco IOS XE Software Privilege Escalation Vulnerabilities,"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 16.1.1,8.8,HIGH,0.002460000105202198,false,,false,false,true,2024-08-04T08:16:40.000Z,,false,false,,2020-09-24T00:00:00.000Z,0
CVE-2020-3474,https://securityvulnerability.io/vulnerability/CVE-2020-3474,Cisco IOS XE Software Web Management  Framework Vulnerabilities,"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 16.1.1,4.3,MEDIUM,0.0022100000642240047,false,,false,false,true,2024-08-04T08:16:42.000Z,,false,false,,2020-09-24T00:00:00.000Z,0
CVE-2020-3141,https://securityvulnerability.io/vulnerability/CVE-2020-3141,Cisco IOS XE Software Privilege Escalation Vulnerabilities,"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 16.1.1,8.8,HIGH,0.0025599999353289604,false,,false,false,true,2024-08-04T08:16:26.000Z,,false,false,,2020-09-24T00:00:00.000Z,0
CVE-2020-3475,https://securityvulnerability.io/vulnerability/CVE-2020-3475,Cisco IOS XE Software Web Management  Framework Vulnerabilities,"Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco iOS Xe Software 16.1.1,4.3,MEDIUM,0.0022100000642240047,false,,false,false,true,2024-08-04T08:16:42.000Z,,false,false,,2020-09-24T00:00:00.000Z,0
CVE-2020-3219,https://securityvulnerability.io/vulnerability/CVE-2020-3219,Cisco IOS XE Software Web UI Command Injection Vulnerability,"A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.",Cisco,Cisco iOS Xe Software 16.1.1,8.8,HIGH,0.0017399999778717756,false,,false,false,true,2024-08-04T08:16:30.000Z,,false,false,,2020-06-03T00:00:00.000Z,0
CVE-2020-3203,https://securityvulnerability.io/vulnerability/CVE-2020-3203,Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability,"A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition.",Cisco,Cisco iOS Xe Software 16.1.1,8.6,HIGH,0.0015999999595806003,false,,false,false,true,2024-08-04T08:16:29.000Z,,false,false,,2020-06-03T00:00:00.000Z,0
CVE-2019-12658,https://securityvulnerability.io/vulnerability/CVE-2019-12658,Cisco IOS XE Software Filesystem Exhaustion Denial of Service Vulnerability,"A vulnerability in the filesystem resource management code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to exhaust filesystem resources on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to ineffective management of the underlying filesystem resources. An attacker could exploit this vulnerability by performing specific actions that result in messages being sent to specific operating system log files. A successful exploit could allow the attacker to exhaust available filesystem space on an affected device. This could cause the device to crash and reload, resulting in a DoS condition for clients whose network traffic is transiting the device. Upon reload of the device, the impacted filesystem space is cleared, and the device will return to normal operation. However, continued exploitation of this vulnerability could cause subsequent forced crashes and reloads, which could lead to an extended DoS condition.",Cisco,Cisco iOS Xe Software 16.1.1,8.6,HIGH,0.0015899999998509884,false,,false,false,true,2024-09-16T21:18:07.000Z,,false,false,,2019-09-25T00:00:00.000Z,0