CVE-2020-3457

Name of the Vulnerable Software and Affected Versions Cisco FXOS Software (affected versions not specified)

Description The issue exists due to insufficient input validation of commands supplied by the user in the command-line interface of the operating system. This could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. An attacker could exploit this by authenticating to a device and submitting crafted input to the affected command, potentially allowing the execution of commands on the underlying operating system with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.