5.3
CVE-2020-3122
- EPSS 0.04%
- Veröffentlicht 04.03.2025 19:15:36
- Zuletzt bearbeitet 31.07.2025 19:44:34
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to obtain sensitive network information.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Asyncos Version11.0.0-128
Cisco ≫ Secure Email And Web Manager M170 Version-
Cisco ≫ Secure Email And Web Manager M190 Version-
Cisco ≫ Secure Email And Web Manager M195 Version-
Cisco ≫ Secure Email And Web Manager M380 Version-
Cisco ≫ Secure Email And Web Manager M390 Version-
Cisco ≫ Secure Email And Web Manager M390x Version-
Cisco ≫ Secure Email And Web Manager M395 Version-
Cisco ≫ Secure Email And Web Manager M680 Version-
Cisco ≫ Secure Email And Web Manager M690 Version-
Cisco ≫ Secure Email And Web Manager M690x Version-
Cisco ≫ Secure Email And Web Manager M695 Version-
Cisco ≫ Secure Email And Web Manager M190 Version-
Cisco ≫ Secure Email And Web Manager M195 Version-
Cisco ≫ Secure Email And Web Manager M380 Version-
Cisco ≫ Secure Email And Web Manager M390 Version-
Cisco ≫ Secure Email And Web Manager M390x Version-
Cisco ≫ Secure Email And Web Manager M395 Version-
Cisco ≫ Secure Email And Web Manager M680 Version-
Cisco ≫ Secure Email And Web Manager M690 Version-
Cisco ≫ Secure Email And Web Manager M690x Version-
Cisco ≫ Secure Email And Web Manager M695 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.107 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.