CVE-2020-3235

Improper Input Validation (CWE-20)

Published: Jun 3, 2020 / Updated: 38mo ago

CVSS 7.7 (High) / EPSS 0.08%

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the software processes specific SNMP object identifiers. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: To exploit this vulnerability by using SNMPv2c or earlier, the attacker must know the SNMP read-only community string for an affected system. To exploit this vulnerability by using SNMPv3, the attacker must know the user credentials for the affected system.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2020-3235.

Jun 3, 2020 at 4:06 PM / tools.cisco.com

EPSS

EPSS Score was set to: 0.08% (Percentile: 34.5%)

Sep 19, 2023 at 10:10 AM

Affected Systems

Oracle/goldengate_management_pack

Patches

tools.cisco.com

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

News

CVE-2020-10650
Supported versions that are affected are 16.1, 16.2, 17.7-17.12, 18.8 and 19.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Unifier.
log4j 1.2.x vulnerability CVE-2020-9488
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. (CVE-2020-9488) Impact There is no impact; F5 products are not affected by this...
Uncontrolled Resource Consumption in Apache Tomcat
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become...
bootstrap security update
[3.0.0-7.0.1] - Backport jQuery CVE-2020-11023 fixes from jQuery v3.5.0 to bundled v1.10.2 [Orabug:...
Golang Cryptomining Worm Offers 15% Speed Boost
A freshly discovered variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said. According to research from Uptycs, the worm scans for and exploits various known vulnerabilities in popular Unix and Linux-based web servers, including CVE-2020-14882 in the Oracle WebLogic Server, and CVE-2017-11610, a remote code-execution (RCE) bug which affects XML-RPC servers. XML-RPC is an interface provided by WordPress. “CVE-2020-14882 [is a] classic path-traversal vulnerability used for exploiting vulnerable web logic servers,” according to Uptycs. “It seemed like the attacker tried to bypass the authorization mechanism by changing the URL and performing a path traversal using double encoding on /console/images.” The exploit for CVE-2017-11610 meanwhile contains an encoded payload in one of the parameters, researchers added. Golang Cryptomining Attack Kill Chain After initial exploitation, the attack begins with a shell script which downloads the worm using the curl utility, researchers noted, adding that the script uses several defense-evasion techniques like firewall altering and disabling monitoring agents. That initial script then downloads the first-stage worm sample, which was compiled in Golang (hence its name) and UPX-packed, the report noted. The worm uses the go-bindata package to embed off-the-shelf...

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: None
Availability Impact: High
