Published: 03/06/2020 Updated: 06/08/2021

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker could exploit this vulnerability by logging in to an affected device locally with valid credentials. A successful exploit could allow the malicious user to read the sensitive information of other users on the affected device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco application policy infrastructure controller 1.1\\(0c\\)
cisco application services engine

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device The vulnerability is due to insufficient authorization limitations An attacker could exploit this vulnerability by logging in to an affected device locally w ...

CWE-863 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-APIC-KSV-3wzbHYT4 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-APIC-KSV-3wzbHYT4

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-3335

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect