How severe is CVE-2020-3485?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2020-3485?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2020-3485 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability in the role-based access control (RBAC) functionality of the web management software of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists because the web management software does not properly handle RBAC. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to view and delete certain screen content on the system that the attacker would not normally have privileges to access.

Related Vulnerabilities

CVE-2016-0763

MEDIUM

CVSS:6.3(Medium)

The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkF...

CWE-2642016

CVE-2016-3302

MEDIUM

CVSS:6.3(Medium)

Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows p...

CWE-2642016

CVE-2020-7257

MEDIUM

CVSS:6.3(Medium)

Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not norm...

CWE-2642020

CVE-2025-5321

MEDIUM

CVSS:6.3(Medium)

A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component run_view...

CWE-2642025

CVE-2016-10398

MEDIUM

CVSS:6.2(Medium)

Android 6.0 has an authentication bypass for attackers with root and physical access. Cryptographic authentication tokens (AuthTokens) used by the Trusted Execution Environment (TEE) are protected by ...

CWE-2642016

CVE-2023-7265

MEDIUM

CVSS:6.2(Medium)

Permission verification vulnerability in the lock screen module Impact: Successful exploitation of this vulnerability may affect availability

CWE-2642023