How severe is CVE-2020-3597?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2020-3597?

This is classified as CWE-23, which is a common weakness in software security.

CVE-2020-3597 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

A vulnerability in the configuration restore feature of Cisco Nexus Data Broker software could allow an unauthenticated, remote attacker to perform a directory traversal attack on an affected device. The vulnerability is due to insufficient validation of configuration backup files. An attacker could exploit this vulnerability by persuading an administrator to restore a crafted configuration backup file. A successful exploit could allow the attacker to overwrite arbitrary files that are accessible through the affected software on an affected device.

Related Vulnerabilities

CVE-2023-29189

MEDIUM

CVSS:5.4(Medium)

SAP CRM (WebClient UI) - versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801, allows an authenticated attacker to modify HTTP verbs used in requests to th...

CWE-232023

CVE-2024-52012

MEDIUM

CVSS:5.4(Medium)

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" A...

CWE-232024

CVE-2025-24343

MEDIUM

CVSS:5.4(Medium)

A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system pat...

CWE-232025

CVE-2025-43016

MEDIUM

CVSS:5.4(Medium)

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session

CWE-232025

CVE-2020-1904

MEDIUM

CVSS:5.5(Medium)

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafte...

CWE-232020

CVE-2022-34378

MEDIUM

CVSS:5.5(Medium)

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.20, 9.2.1.13, 9.3.0.6, and 9.4.0.3, contain a relative path traversal vulnerability. A low privileged local attacker could potentially e...

CWE-232022