PT-2020-5223 · Cisco · Cisco Vision Dynamic Signage Director

Published: 2020-08-19 · Updated: 2020-09-09 · CVE-2020-3485

CVSS v2.0: 6.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Cisco Vision Dynamic Signage Director (affected versions not specified)

Description: The issue is related to errors in access control management in the role-based access control (RBAC) functionality of the system. This could allow a remote attacker to gain access to resources they should not be able to access and perform actions they should not be able to perform. The vulnerability exists due to improper handling of RBAC by the web management software. An attacker could exploit this by sending a crafted HTTP request to an affected device, potentially allowing them to view and delete certain screen content on the system that they would not normally have privileges to access.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

BDU:2020-05855
CVE-2020-3485

Affected Products

Cisco Vision Dynamic Signage Director