PT-2020-4172 · Cisco · Cisco IOS XE

Published 2020-09-24 · Updated 2023-05-23 · CVE-2020-3141

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified)
Description: The issue is related to multiple vulnerabilities in the web management framework of Cisco IOS XE Software. These vulnerabilities could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. The vulnerability is also associated with insufficient input validation in the web interface of the Cisco IOS XE operating system, which can be exploited by a remote attacker to gain elevated privileges.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

BDU:2020-04594
CVE-2020-3141

Affected Products

Cisco IOS XE