First published: Mon Aug 17 2020(Updated: )
A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker access to sensitive information on an affected system. The vulnerability is due to improper handling of authentication tokens by the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker access to sensitive device information, which includes configuration files.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco DNA Center | >=1.3<1.3.1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-3411 is a vulnerability in Cisco DNA Center software that allows an unauthenticated remote attacker access to sensitive information on an affected system.
The vulnerability in CVE-2020-3411 occurs due to improper handling of authentication tokens by the affected software.
The severity of CVE-2020-3411 is high with a CVSS score of 7.5.
Versions 1.3 to 1.3.1.4 of Cisco DNA Center software are affected by CVE-2020-3411.
To fix the vulnerability CVE-2020-3411, it is recommended to upgrade to a fixed version of Cisco DNA Center software.