CVE-2020-3236

Name of the Vulnerable Software and Affected Versions Cisco Enterprise NFV Infrastructure Software (NFVIS) (affected versions not specified)

Description A vulnerability exists due to improper input validation of CLI command arguments, allowing an authenticated, local attacker with valid administrative credentials to gain root shell access to the underlying operating system. The attacker could exploit this using path traversal techniques when executing a vulnerable command, potentially overwriting or reading arbitrary files on an affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.