{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T11:42:37.538","vulnerabilities":[{"cve":{"id":"CVE-2020-3598","sourceIdentifier":"psirt@cisco.com","published":"2020-10-08T05:15:15.757","lastModified":"2024-11-21T05:31:23.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to access confidential information or make configuration changes. The vulnerability is due to missing authentication for a specific section of the web-based management interface. An attacker could exploit this vulnerability by accessing a crafted URL. A successful exploit could allow the attacker to obtain access to a section of the interface, which they could use to read confidential information or make configuration changes."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en web de Cisco Vision Dynamic Signage Director, podría permitir a un atacante remoto no autenticado acceder a información confidencial o realizar cambios de configuración. La vulnerabilidad es debido a una falta de autenticación para una sección específica de la interfaz de administración basada en web. Un atacante podría explotar esta vulnerabilidad mediante el acceso a una URL creada. Una explotación con éxito podría permitir al atacante obtener acceso a una sección de la interfaz, que podría ser usada para leer información confidencial o realizar cambios de configuración"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:*:*:*:*:*:*:*:*","versionEndExcluding":"6.2.0","matchCriteriaId":"E93E33BA-3B7B-4AE6-9524-997E4EF17473"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:-:*:*:*:*:*:*","matchCriteriaId":"0E9D9D82-2082-4127-9526-D05EE9547577"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:sp1:*:*:*:*:*:*","matchCriteriaId":"FD412C57-3DB3-4D46-B48A-39348157E977"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:sp2:*:*:*:*:*:*","matchCriteriaId":"FF7B8D97-A800-4D89-A952-3C1DE419D938"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:sp3:*:*:*:*:*:*","matchCriteriaId":"F656F305-6069-4132-AC4A-A8C4146EB433"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:sp4:*:*:*:*:*:*","matchCriteriaId":"34CEA4BF-2040-4FE9-8DF7-D8145D5D9809"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:vision_dynamic_signage_director:6.2.0:sp5:*:*:*:*:*:*","matchCriteriaId":"F846D6A8-F754-484B-A081-15D71C3C1112"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-missing-auth-rQO88rnj","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvdsd-missing-auth-rQO88rnj","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}