What is CVE-2020-3166?

CVE-2020-3166 is a medium-severity vulnerability in Cisco Firepower Extensible Operating System (Fxos), classified under Improper Input Validation. CVSS score: 4.2/10. Published 2020-02-26.

How severe is CVE-2020-3166?

Medium severity. CVSS v3 base score is 4.2 out of 10.

Improper input validation in Cisco Firepower Extensible Operating System (Fxos)

CVE-2020-3166

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to read or write arbitrary files on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.002 (38.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.2 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L.

Affected products

Cisco Firepower Extensible Operating System (Fxos) — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20200226 Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3166?: CVE-2020-3166 is a medium-severity vulnerability in Cisco Firepower Extensible Operating System (Fxos), classified under Improper Input Validation. CVSS score: 4.2/10. Published 2020-02-26.
How severe is CVE-2020-3166?: Medium severity. CVSS v3 base score is 4.2 out of 10.