How severe is CVE-2020-3476?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2020-3476?

This is classified as CWE-552, which is a common weakness in software security.

CVE-2020-3476

MEDIUM Year: 2020

CVSS v3 Score

4.4

Medium

CVSS v2 Score

3.6

Low

Weakness Type

CWE-552

View all →

Vulnerability Description

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system.

CVE-2021-1512

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is...

CWE-5522021

CVE-2022-22490

MEDIUM

CVSS:4.4(Medium)

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342.

CWE-5522022

CVE-2022-45440

MEDIUM

CVSS:4.4(Medium)

A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, which processes symbolic links on external storage media. A local authenticated attacker with adminis...

CWE-5522022

CVE-2023-39480

MEDIUM

CVSS:4.4(Medium)

Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of S...

CWE-5522023

CVE-2024-35183

MEDIUM

CVSS:4.4(Medium)

wolfictl is a command line tool for working with Wolfi. A git authentication issue in versions prior to 0.16.10 allows a local user’s GitHub token to be sent to remote servers other than `github.com`....

CWE-5522024

CVE-2017-1602

MEDIUM

CVSS:4.3(Medium)

IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force...

CWE-5522017

CVE-2020-3476

Vulnerability Description

Related Vulnerabilities

CVE-2021-1512

CVE-2022-22490

CVE-2022-45440

CVE-2023-39480

CVE-2024-35183

CVE-2017-1602