What is CVE-2020-3448?

CVE-2020-3448 is a medium-severity vulnerability in Cisco Cyber Vision, classified under Improper Access Control. CVSS score: 5.8/10. Published 2020-08-17.

How severe is CVE-2020-3448?

Medium severity. CVSS v3 base score is 5.8 out of 10.

Vulnerability in Cisco Cyber Vision

CVE-2020-3448

A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are running on an affected device. The vulnerab…

EPSS: 0.006 (69.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.8 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N.

Affected products

Cisco Cyber Vision — versions n/a

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

20200805 Cisco Cyber Vision Center Software Access Control Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3448?: CVE-2020-3448 is a medium-severity vulnerability in Cisco Cyber Vision, classified under Improper Access Control. CVSS score: 5.8/10. Published 2020-08-17.
How severe is CVE-2020-3448?: Medium severity. CVSS v3 base score is 5.8 out of 10.