CVE-2020-3265

HIGH Year: 2020
CVSS v3 Score
7.0
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-264
View all →

Vulnerability Description

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to gain root-level privileges.

Related Vulnerabilities

CVE-2014-3222

HIGH
CVSS:7.0(High)

In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key ...

CWE-2642014

CVE-2014-9909

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-2642014

CVE-2014-9910

HIGH
CVSS:7.0(High)

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High ...

CWE-2642014

CVE-2015-0162

HIGH
CVSS:7.0(High)

IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.

CWE-2642015

CVE-2015-3222

HIGH
CVSS:7.0(High)

syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root.

CWE-2642015

CVE-2015-4685

HIGH
CVSS:7.0(High)

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo mi...

CWE-2642015