{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T11:04:09.890","vulnerabilities":[{"cve":{"id":"CVE-2020-3381","sourceIdentifier":"psirt@cisco.com","published":"2020-07-16T18:15:18.907","lastModified":"2024-11-21T05:30:55.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct directory traversal attacks and obtain read and write access to sensitive files on a targeted system. The vulnerability is due to a lack of proper validation of files that are uploaded to an affected device. An attacker could exploit this vulnerability by uploading a crafted file to an affected system. An exploit could allow the attacker to view or modify arbitrary files on the targeted system."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración web de Cisco SD-WAN vManage Software podría permitir a un atacante remoto autenticado llevar a cabo ataques de salto de directorio y obtener acceso de lectura y escritura a archivos confidenciales en un sistema objetivo. La vulnerabilidad es debido a una falta de comprobación apropiada de los archivos que son cargados en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad mediante la carga de un archivo diseñado sobre un sistema afectado. Un explotación podría permitir al atacante visualizar o modificar archivos arbitrarios en el sistema objetivo"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"18.3.0","matchCriteriaId":"2374CB29-E84C-4F2C-919C-1AE05880C8C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"18.4.0","versionEndExcluding":"19.2.3","matchCriteriaId":"13929F17-0B3B-45B4-B208-B1500621E9B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:sd-wan_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"19.3.0","versionEndIncluding":"20.1","matchCriteriaId":"DBF65E6E-7BF2-42F8-9079-3AFBD7FAB658"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"0F77CD6A-83DA-4F31-A128-AD6DAECD623B"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"62564BB8-1282-4597-A645-056298BE7CCB"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*","matchCriteriaId":"2B68B363-3C57-4E95-8B13-0F9B59D551F7"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmdirtrav-eFdAxsJg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}