CVE-2020-3141: Cisco IOS XE Software Privilege Escalation Vulnerabilities
First published: Thu Sep 24 2020(Updated: )
Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | =16.9.4 | |
| Cisco IOS XE | =17.2.1 | |
| Cisco IOS XE | =17.3 | |
| Cisco IOS XE | =17.4.1 | |
| Cisco 1100-4g Integrated Services Router | ||
| Cisco 1100-4gltegb Integrated Services Router | ||
| Cisco 1100-4gltena Integrated Services Router | ||
| Cisco 1100-4p Integrated Services Router | ||
| Cisco 1100-6g Integrated Services Router | ||
| Cisco 1100-8p Integrated Services Router | ||
| Cisco 1100-lte Integrated Services Router | ||
| Cisco 1100 Integrated Services Router | ||
| Cisco 1101-4p Integrated Services Router | ||
| Cisco 1101 Integrated Services Router | ||
| Cisco 1109-2p Integrated Services Router | ||
| Cisco 1109-4p Integrated Services Router | ||
| Cisco 1109 Integrated Services Router | ||
| Cisco 1111x-8p Integrated Services Router | ||
| Cisco 1111x Integrated Services Router | ||
| Cisco 111x Integrated Services Router | ||
| Cisco 1120 Integrated Services Router | ||
| Cisco 1160 Integrated Services Router | ||
| Cisco 4221 Integrated Services Router | ||
| Cisco 4331 Integrated Services Router | ||
| Cisco 4431 Integrated Services Router | ||
| Cisco 4451 Integrated Services Router | ||
| Cisco 4461 Integrated Services Router | ||
| Cisco Asr 1000-x | ||
| Cisco Asr 1001 | ||
| Cisco Asr 1001-x | ||
| Cisco Asr 1002 | ||
| Cisco Asr 1002-x | ||
| Cisco Asr 1004 | ||
| Cisco Asr 1006 | ||
| Cisco Asr 1013 | ||
| Cisco Asr1001-hx | ||
| Cisco Asr1001-hx-rf | ||
| Cisco Asr1001-x-rf | ||
| Cisco Asr1001-x-ws | ||
| Cisco Asr1002-hx | ||
| Cisco Asr1002-hx-rf | ||
| Cisco Asr1002-hx-ws | ||
| Cisco Asr1002-x-rf | ||
| Cisco Asr1002-x-ws | ||
| Cisco Catalyst 9800-40 | ||
| Cisco Catalyst 9800-80 | ||
| Cisco Catalyst 9800-cl | ||
| Cisco Catalyst 9800-l | ||
| Cisco Catalyst 9800-l-c | ||
| Cisco Catalyst 9800-l-f | ||
| Cisco Catalyst C9200-24p | ||
| Cisco Catalyst C9200-24t | ||
| Cisco Catalyst C9200-48p | ||
| Cisco Catalyst C9200-48t | ||
| Cisco Catalyst C9200l-24p-4g | ||
| Cisco Catalyst C9200l-24p-4x | ||
| Cisco Catalyst C9200l-24pxg-2y | ||
| Cisco Catalyst C9200l-24pxg-4x | ||
| Cisco Catalyst C9200l-24t-4g | ||
| Cisco Catalyst C9200l-24t-4x | ||
| Cisco Catalyst C9200l-48p-4g | ||
| Cisco Catalyst C9200l-48p-4x | ||
| Cisco Catalyst C9200l-48pxg-2y | ||
| Cisco Catalyst C9200l-48pxg-4x | ||
| Cisco Catalyst C9200l-48t-4g | ||
| Cisco Catalyst C9200l-48t-4x | ||
| Cisco Catalyst C9300-24p | ||
| Cisco Catalyst C9300-24s | ||
| Cisco Catalyst C9300-24t | ||
| Cisco Catalyst C9300-24u | ||
| Cisco Catalyst C9300-24ux | ||
| Cisco Catalyst C9300-48p | ||
| Cisco Catalyst C9300-48s | ||
| Cisco Catalyst C9300-48t | ||
| Cisco Catalyst C9300-48u | ||
| Cisco Catalyst C9300-48un | ||
| Cisco Catalyst C9300-48uxm | ||
| Cisco Catalyst C9300l-24p-4g | ||
| Cisco Catalyst C9300l-24p-4x | ||
| Cisco Catalyst C9300l-24t-4g | ||
| Cisco Catalyst C9300l-24t-4x | ||
| Cisco Catalyst C9300l-48p-4g | ||
| Cisco Catalyst C9300l-48p-4x | ||
| Cisco Catalyst C9300l-48t-4g | ||
| Cisco Catalyst C9300l-48t-4x | ||
| Cisco Catalyst C9404r | ||
| Cisco Catalyst C9407r | ||
| Cisco Catalyst C9410r | ||
| Cisco Catalyst C9500-12q | ||
| Cisco Catalyst C9500-16x | ||
| Cisco Catalyst C9500-24q | ||
| Cisco Catalyst C9500-24y4c | ||
| Cisco Catalyst C9500-32c | ||
| Cisco Catalyst C9500-32qc | ||
| Cisco Catalyst C9500-40x | ||
| Cisco Catalyst C9500-48y4c | ||
| Cisco Csr 1000v | ||
| Cisco Ws-c3650-12x48uq | ||
| Cisco Ws-c3650-12x48ur | ||
| Cisco Ws-c3650-12x48uz | ||
| Cisco Ws-c3650-24pd | ||
| Cisco Ws-c3650-24pdm | ||
| Cisco Ws-c3650-24ps | ||
| Cisco Ws-c3650-24td | ||
| Cisco Ws-c3650-24ts | ||
| Cisco Ws-c3650-48fd | ||
| Cisco Ws-c3650-48fq | ||
| Cisco Ws-c3650-48fqm | ||
| Cisco Ws-c3650-48fs | ||
| Cisco Ws-c3650-48pd | ||
| Cisco Ws-c3650-48pq | ||
| Cisco Ws-c3650-48ps | ||
| Cisco Ws-c3650-48td | ||
| Cisco Ws-c3650-48tq | ||
| Cisco Ws-c3650-48ts | ||
| Cisco Ws-c3650-8x24uq | ||
| Cisco Ws-c3850 | ||
| Cisco Ws-c3850-12s | ||
| Cisco Ws-c3850-12x48u | ||
| Cisco Ws-c3850-12xs | ||
| Cisco Ws-c3850-24p | ||
| Cisco Ws-c3850-24s | ||
| Cisco Ws-c3850-24t | ||
| Cisco Ws-c3850-24u | ||
| Cisco Ws-c3850-24xs | ||
| Cisco Ws-c3850-24xu | ||
| Cisco Ws-c3850-48f | ||
| Cisco Ws-c3850-48p | ||
| Cisco Ws-c3850-48t | ||
| Cisco Ws-c3850-48u | ||
| Cisco Ws-c3850-48xs |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/title
- agent/tags
- agent/author
- agent/event
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/16.9.4
- version/cisco ios xe/17.2.1
- version/cisco ios xe/17.3
- version/cisco ios xe/17.4.1
- canonical/cisco 1100-4g integrated services router
- canonical/cisco 1100-4gltegb integrated services router
- canonical/cisco 1100-4gltena integrated services router
- canonical/cisco 1100-4p integrated services router
- canonical/cisco 1100-6g integrated services router
- canonical/cisco 1100-8p integrated services router
- canonical/cisco 1100-lte integrated services router
- canonical/cisco 1100 integrated services router
- canonical/cisco 1101-4p integrated services router
- canonical/cisco 1101 integrated services router
- canonical/cisco 1109-2p integrated services router
- canonical/cisco 1109-4p integrated services router
- canonical/cisco 1109 integrated services router
- canonical/cisco 1111x-8p integrated services router
- canonical/cisco 1111x integrated services router
- canonical/cisco 111x integrated services router
- canonical/cisco 1120 integrated services router
- canonical/cisco 1160 integrated services router
- canonical/cisco 4221 integrated services router
- canonical/cisco 4331 integrated services router
- canonical/cisco 4431 integrated services router
- canonical/cisco 4451 integrated services router
- canonical/cisco 4461 integrated services router
- canonical/cisco asr 1000-x
- canonical/cisco asr 1001
- canonical/cisco asr 1001-x
- canonical/cisco asr 1002
- canonical/cisco asr 1002-x
- canonical/cisco asr 1004
- canonical/cisco asr 1006
- canonical/cisco asr 1013
- canonical/cisco asr1001-hx
- canonical/cisco asr1001-hx-rf
- canonical/cisco asr1001-x-rf
- canonical/cisco asr1001-x-ws
- canonical/cisco asr1002-hx
- canonical/cisco asr1002-hx-rf
- canonical/cisco asr1002-hx-ws
- canonical/cisco asr1002-x-rf
- canonical/cisco asr1002-x-ws
- canonical/cisco catalyst 9800-40
- canonical/cisco catalyst 9800-80
- canonical/cisco catalyst 9800-cl
- canonical/cisco catalyst 9800-l
- canonical/cisco catalyst 9800-l-c
- canonical/cisco catalyst 9800-l-f
- canonical/cisco catalyst c9200-24p
- canonical/cisco catalyst c9200-24t
- canonical/cisco catalyst c9200-48p
- canonical/cisco catalyst c9200-48t
- canonical/cisco catalyst c9200l-24p-4g
- canonical/cisco catalyst c9200l-24p-4x
- canonical/cisco catalyst c9200l-24pxg-2y
- canonical/cisco catalyst c9200l-24pxg-4x
- canonical/cisco catalyst c9200l-24t-4g
- canonical/cisco catalyst c9200l-24t-4x
- canonical/cisco catalyst c9200l-48p-4g
- canonical/cisco catalyst c9200l-48p-4x
- canonical/cisco catalyst c9200l-48pxg-2y
- canonical/cisco catalyst c9200l-48pxg-4x
- canonical/cisco catalyst c9200l-48t-4g
- canonical/cisco catalyst c9200l-48t-4x
- canonical/cisco catalyst c9300-24p
- canonical/cisco catalyst c9300-24s
- canonical/cisco catalyst c9300-24t
- canonical/cisco catalyst c9300-24u
- canonical/cisco catalyst c9300-24ux
- canonical/cisco catalyst c9300-48p
- canonical/cisco catalyst c9300-48s
- canonical/cisco catalyst c9300-48t
- canonical/cisco catalyst c9300-48u
- canonical/cisco catalyst c9300-48un
- canonical/cisco catalyst c9300-48uxm
- canonical/cisco catalyst c9300l-24p-4g
- canonical/cisco catalyst c9300l-24p-4x
- canonical/cisco catalyst c9300l-24t-4g
- canonical/cisco catalyst c9300l-24t-4x
- canonical/cisco catalyst c9300l-48p-4g
- canonical/cisco catalyst c9300l-48p-4x
- canonical/cisco catalyst c9300l-48t-4g
- canonical/cisco catalyst c9300l-48t-4x
- canonical/cisco catalyst c9404r
- canonical/cisco catalyst c9407r
- canonical/cisco catalyst c9410r
- canonical/cisco catalyst c9500-12q
- canonical/cisco catalyst c9500-16x
- canonical/cisco catalyst c9500-24q
- canonical/cisco catalyst c9500-24y4c
- canonical/cisco catalyst c9500-32c
- canonical/cisco catalyst c9500-32qc
- canonical/cisco catalyst c9500-40x
- canonical/cisco catalyst c9500-48y4c
- canonical/cisco csr 1000v
- canonical/cisco ws-c3650-12x48uq
- canonical/cisco ws-c3650-12x48ur
- canonical/cisco ws-c3650-12x48uz
- canonical/cisco ws-c3650-24pd
- canonical/cisco ws-c3650-24pdm
- canonical/cisco ws-c3650-24ps
- canonical/cisco ws-c3650-24td
- canonical/cisco ws-c3650-24ts
- canonical/cisco ws-c3650-48fd
- canonical/cisco ws-c3650-48fq
- canonical/cisco ws-c3650-48fqm
- canonical/cisco ws-c3650-48fs
- canonical/cisco ws-c3650-48pd
- canonical/cisco ws-c3650-48pq
- canonical/cisco ws-c3650-48ps
- canonical/cisco ws-c3650-48td
- canonical/cisco ws-c3650-48tq
- canonical/cisco ws-c3650-48ts
- canonical/cisco ws-c3650-8x24uq
- canonical/cisco ws-c3850
- canonical/cisco ws-c3850-12s
- canonical/cisco ws-c3850-12x48u
- canonical/cisco ws-c3850-12xs
- canonical/cisco ws-c3850-24p
- canonical/cisco ws-c3850-24s
- canonical/cisco ws-c3850-24t
- canonical/cisco ws-c3850-24u
- canonical/cisco ws-c3850-24xs
- canonical/cisco ws-c3850-24xu
- canonical/cisco ws-c3850-48f
- canonical/cisco ws-c3850-48p
- canonical/cisco ws-c3850-48t
- canonical/cisco ws-c3850-48u
- canonical/cisco ws-c3850-48xs