CVE-2020-3257 - OpenCVE

Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:L/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	1120 Connected Grid Router 1240 Connected Grid Router Ios Ir809g-lte-ga-k9 Ir809g-lte-la-k9 Ir809g-lte-na-k9 Ir809g-lte-vz-k9 Ir829-2lte-ea-ak9 Ir829-2lte-ea-bk9 Ir829-2lte-ea-ek9 Ir829gw-lte-ga-ck9 Ir829gw-lte-ga-ek9 Ir829gw-lte-ga-sk9 Ir829gw-lte-ga-zk9 Ir829gw-lte-na-ak9 Ir829gw-lte-vz-ak9

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ios:15.8\(3.0z\)m1:::::::*
	cpe:2.3:o:cisco:ios:15.9:::::::*

OR	cpe:2.3:h:cisco:1120_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:1240_connected_grid_router:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-ga-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-la-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-na-k9:-:::::::*
	cpe:2.3:h:cisco:ir809g-lte-vz-k9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-ak9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-bk9:-:::::::*
	cpe:2.3:h:cisco:ir829-2lte-ea-ek9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-ck9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-ek9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-sk9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-ga-zk9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-na-ak9:-:::::::*
	cpe:2.3:h:cisco:ir829gw-lte-vz-ak9:-:::::::*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-iot-gos-vuln-s9qS8kYL

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-06-03T17:56:08.634778Z

Updated: 2024-09-16T20:52:08.191Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3257

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-06-03T18:15:21.840

Modified: 2021-10-19T19:38:31.507

Link: CVE-2020-3257

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object