Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-EFF-INCPERM-9E6H4YBZ
HistoryNov 04, 2020 - 4:00 p.m.

Cisco Edge Fog Fabric Resource Exposure Vulnerability

2020-11-0416:00:00
tools.cisco.com
11
cisco
edge fog fabric
api
vulnerability
rest
files
authorization
enforcement
exploit
software updates
advisory

EPSS

0.001

Percentile

34.4%

JSON

A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device.

The vulnerability is due to incorrect authorization enforcement on an affected system. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-eff-incperm-9E6h4yBz [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-eff-incperm-9E6h4yBz”]

Affected configurations

Vulners
Node
ciscoedge_fog_fabricMatchany
OR
ciscoedge_fog_fabricMatchany
VendorProductVersionCPE
ciscoedge_fog_fabricanycpe:2.3:a:cisco:edge_fog_fabric:any:*:*:*:*:*:*:*

Related

cve 1
cvelist 1
nvd 1
prion 1
cve
cve
CVE-2020-26084
2020-11-06 19:15:13
cvelist
cvelist
CVE-2020-26084 Cisco Edge Fog Fabric Resource Exposure Vulnerability
2020-11-06 18:15:29
nvd
nvd
CVE-2020-26084
2020-11-06 19:15:13
prion
prion
Authorization
2020-11-06 19:15:00

EPSS

0.001

Percentile

34.4%

JSON
Related for CISCO-SA-EFF-INCPERM-9E6H4YBZ
cve1cvelist1nvd1prion1