What is CVE-2020-3236?

CVE-2020-3236 is a medium-severity vulnerability in Cisco Enterprise Nfv Infrastructure Software, classified under Path Traversal. CVSS score: 6.7/10. Published 2020-06-18.

How severe is CVE-2020-3236?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Path Traversal in Cisco Enterprise Nfv Infrastructure Software

CVE-2020-3236

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and overwrite or read arbitrary files. The attacke…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (14.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Enterprise Nfv Infrastructure Software — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

20200617 Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3236?: CVE-2020-3236 is a medium-severity vulnerability in Cisco Enterprise Nfv Infrastructure Software, classified under Path Traversal. CVSS score: 6.7/10. Published 2020-06-18.
How severe is CVE-2020-3236?: Medium severity. CVSS v3 base score is 6.7 out of 10.