A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not properly authenticate API calls. An attacker could exploit this vulnerability by sending API requests to an affected system. A successful exploit could allow the attacker to view sensitive information on the affected system, including information about the devices that the system manages, without authentication.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-11-18T17:41:04.170307Z
Updated: 2024-09-17T02:21:28.818Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3392
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-11-18T18:15:12.623
Modified: 2020-12-01T21:57:34.173
Link: CVE-2020-3392
Redhat
No data.