CVE-2020-3333 in Application Services Engineinfo

Zusammenfassung

von MITRE

A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected device. An attacker could exploit this vulnerability by crafting a malicious HTTP request to contact an affected device. A successful exploit could allow the attacker to update event policies on the affected device.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Cisco Systems, Inc.

Reservieren

12.12.2019

Moderieren

akzeptiert

Eintrag

VDB-156072

CPE

bereit

CWE

CWE-306 (bestätigt)

CVSS

5.3 (NVD)

EPSS

0.01040

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-3333
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-3333
CVE Details	https://www.cvedetails.com/cve/CVE-2020-3333/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!