How severe is CVE-2020-3539?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2020-3539?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2020-3539 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to view, modify, and delete data without proper authorization. The vulnerability is due to a failure to limit access to resources that are intended for users with Administrator privileges. An attacker could exploit this vulnerability by convincing a user to click a malicious URL. A successful exploit could allow a low-privileged attacker to list, view, create, edit, and delete templates in the same manner as a user with Administrator privileges.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2019-3849

MEDIUM

CVSS:6.3(Medium)

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the ...

CWE-2852019

CVE-2020-5250

MEDIUM

CVSS:6.3(Medium)

In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else's address. It is the same with CustomerForm, y...

CWE-2852020

CVE-2023-2950

MEDIUM

CVSS:6.3(Medium)

Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.

CWE-2852023

CVE-2023-3574

MEDIUM

CVSS:6.3(Medium)

Improper Authorization in GitHub repository pimcore/customer-data-framework prior to 3.4.1.

CWE-2852023

CVE-2024-3013

MEDIUM

CVSS:6.3(Medium)

A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue affects some unknown processing of the file /tools/test_login.php?action=register of the component User R...

CWE-2852024

CVE-2024-41962

MEDIUM

CVSS:6.3(Medium)

Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorized_keys being set when noscraper is set to true. This vulnerability is fixed in...

CWE-2852024