CVE-2020-3362

Name of the Vulnerable Software and Affected Versions Cisco Network Services Orchestrator (NSO) (affected versions not specified)

Description A timing issue in the processing of CLI commands could allow an authenticated, local attacker to access confidential information on an affected device. The issue is related to the lack of protection for internal data. An attacker could exploit this by executing a specific sequence of commands on the CLI, potentially allowing them to read configuration information that would normally be accessible to administrators only.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.