CVE-2020-3538

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 18, 2024

Summary

CVE-2020-3538 is a vulnerability affecting the REST API endpoint of Cisco Data Center Network Manager (DCNM) Software. It allows authenticated, remote attackers to execute path traversal attacks on impacted devices due to insufficient path restriction enforcement. By crafting malicious HTTP requests, an attacker can potentially overwrite or list arbitrary files on the affected device. Cisco has released software updates to mitigate this issue. No known workarounds are available to address this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Fedora Operating System

Affected Vendors

  • Fedora Project