NVD - CVE-2020-3118

Vulnerability Change Records for CVE-2020-3118

Change History

Initial Analysis by NIST 2/10/2020 11:26:04 AM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xr:5.2.5::::::: OR cpe:2.3:h:cisco:ncs_6000:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xr:6.5.2::::::: OR cpe:2.3:h:cisco:asr_9000v:-:::::::* cpe:2.3:h:cisco:asr_9001:-:::::::* cpe:2.3:h:cisco:asr_9006:-:::::::* cpe:2.3:h:cisco:asr_9010:-:::::::* cpe:2.3:h:cisco:asr_9901:-:::::::* cpe:2.3:h:cisco:asr_9904:-:::::::* cpe:2.3:h:cisco:asr_9906:-:::::::* cpe:2.3:h:cisco:asr_9910:-:::::::* cpe:2.3:h:cisco:asr_9912:-:::::::* cpe:2.3:h:cisco:asr_9922:-:::::::* cpe:2.3:h:cisco:crs:-:::::::* cpe:2.3:h:cisco:ncs_1001:-:::::::* cpe:2.3:h:cisco:ncs_1002:-:::::::* cpe:2.3:h:cisco:ncs_1004:-:::::::* cpe:2.3:h:cisco:ncs_520:-:::::::* cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:::::::* cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-acc-sys:-:::::::* cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-acc-sys:-:::::::* cpe:2.3:h:cisco:ncs_5501:-:::::::* cpe:2.3:h:cisco:ncs_5501-se:-:::::::* cpe:2.3:h:cisco:ncs_5502:-:::::::* cpe:2.3:h:cisco:ncs_5502-se:-:::::::* cpe:2.3:h:cisco:ncs_5508:-:::::::* cpe:2.3:h:cisco:ncs_5516:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xr:6.5.3::::::: OR cpe:2.3:h:cisco:ncs_5001:-:::::::* cpe:2.3:h:cisco:ncs_5002:-:::::::* cpe:2.3:h:cisco:ncs_5011:-:::::::* cpe:2.3:h:cisco:ncs_540:-:::::::* cpe:2.3:h:cisco:xrv_9000:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xr:6.6.25::::::: OR cpe:2.3:h:cisco:ncs_560:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:cisco:ios_xr:7.0.1::::::: OR cpe:2.3:h:cisco:ncs_540l:-:::::::*
Added	CPE Configuration		OR cpe:2.3:o:cisco:ios_xr::::::::* versions from (including) 6.6.0 up to (excluding) 6.6.12 cpe:2.3:o:cisco:ios_xr::::::::* versions from (including) 7.0.0 up to (excluding) 7.0.2
Added	CVSS V2		NIST (AV:A/AC:L/Au:N/C:C/I:C/A:C)
Added	CVSS V3.1		NIST AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added	CWE		NIST CWE-134
Changed	Reference Type	http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html No Types Assigned	http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html Third Party Advisory, VDB Entry
Changed	Reference Type	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce No Types Assigned	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce Vendor Advisory