How severe is CVE-2020-3213?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2020-3213?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2020-3213 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.

Related Vulnerabilities

CVE-2014-3752

MEDIUM

CVSS:6.7(Medium)

The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and earlier allows local users with administrator rights to execute arbitrary code with SYSTEM privileges via a crafted 0x83170180 call.

CWE-2642014

CVE-2015-3321

MEDIUM

CVSS:6.7(Medium)

Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations.

CWE-2642015

CVE-2015-4045

MEDIUM

CVSS:6.7(Medium)

The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script.

CWE-2642015

CVE-2015-8660

MEDIUM

CVSS:6.7(Medium)

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and mo...

CWE-2642015

CVE-2016-0905

MEDIUM

CVSS:6.7(Medium)

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.

CWE-2642016

CVE-2016-0908

MEDIUM

CVSS:6.7(Medium)

EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.

CWE-2642016