How severe is CVE-2020-3362?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2020-3362?

This is classified as CWE-200, which is a common weakness in software security.

CVE-2020-3362 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability by executing a specific sequence of commands on the CLI. A successful exploit could allow the attacker to read configuration information that would normally be accessible to administrators only.

Related Vulnerabilities

CVE-2015-3142

MEDIUM

CVSS:4.7(Medium)

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensit...

CWE-2002015

CVE-2015-7328

MEDIUM

CVSS:4.7(Medium)

Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority (CA) certificate during the...

CWE-2002015

CVE-2015-7438

MEDIUM

CVSS:4.7(Medium)

IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.

CWE-2002015

CVE-2015-7493

MEDIUM

CVSS:4.7(Medium)

IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.

CWE-2002015

CVE-2016-10293

MEDIUM

CVSS:4.7(Medium)

An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because...

CWE-2002016

CVE-2016-10294

MEDIUM

CVSS:4.7(Medium)

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because...

CWE-2002016