CVE-2020-26062 - Vulnerability Details

Vendors	Products
Cisco	Unified Computing System

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco unified Computing System
CPEs		cpe:2.3:a:cisco:unified_computing_system:3.2\(1d\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(2b\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(2c\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(2d\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(2e\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(2f\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3a\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3b\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3d\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3e\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3g\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3h\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3i\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3j\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3k\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3l\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3n\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3o\):::::::* cpe:2.3:a:cisco:unified_computing_system:3.2\(3p\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(1a\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(1b\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(1c\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(1d\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(2a\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(2b\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(2d\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(2e\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4a\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4b\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4c\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4d\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4e\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4f\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4g\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4h\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.0\(4i\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(1a\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(1b\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(1c\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(1d\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(1e\):::::::* cpe:2.3:a:cisco:unified_computing_system:4.1\(2a\):::::::*
Vendors & Products		Cisco Cisco unified Computing System
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Description		A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability.
Title		Cisco Integrated Management Controller Username Enumeration Vulnerability
Weaknesses		CWE-203
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2020-26062", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2020-09-24T00:00:00.000Z", "datePublished": "2024-11-18T16:06:00.592Z", "dateUpdated": "2024-11-18T18:46:04.617Z"}, "containers": {"cna": {"title": "Cisco Integrated Management Controller Username Enumeration Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco&nbsp;Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application.\r\nThe vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7", "name": "cisco-sa-cimc-enum-CyheP3B7"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL"}], "exploits": [{"lang": "en", "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-cimc-enum-CyheP3B7", "discovery": "EXTERNAL", "defects": ["CSCvv07275"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Observable Discrepancy", "type": "cwe", "cweId": "CWE-203"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Unified Computing System (Managed)", "versions": [{"version": "4.0(1a)", "status": "affected"}, {"version": "3.2(3n)", "status": "affected"}, {"version": "4.1(1a)", "status": "affected"}, {"version": "4.1(1b)", "status": "affected"}, {"version": "4.0(4h)", "status": "affected"}, {"version": "4.1(1c)", "status": "affected"}, {"version": "3.2(3k)", "status": "affected"}, {"version": "3.2(2c)", "status": "affected"}, {"version": "4.0(4e)", "status": "affected"}, {"version": "4.0(4g)", "status": "affected"}, {"version": "3.2(3i)", "status": "affected"}, {"version": "4.0(2e)", "status": "affected"}, {"version": "3.2(3g)", "status": "affected"}, {"version": "4.0(4a)", "status": "affected"}, {"version": "4.0(2d)", "status": "affected"}, {"version": "3.2(2d)", "status": "affected"}, {"version": "4.0(1b)", "status": "affected"}, {"version": "4.0(4f)", "status": "affected"}, {"version": "3.2(3h)", "status": "affected"}, {"version": "3.2(2f)", "status": "affected"}, {"version": "4.0(4c)", "status": "affected"}, {"version": "3.2(3a)", "status": "affected"}, {"version": "4.0(1c)", "status": "affected"}, {"version": "3.2(3d)", "status": "affected"}, {"version": "3.2(2b)", "status": "affected"}, {"version": "4.0(4b)", "status": "affected"}, {"version": "3.2(2e)", "status": "affected"}, {"version": "4.0(2b)", "status": "affected"}, {"version": "4.0(4d)", "status": "affected"}, {"version": "3.2(1d)", "status": "affected"}, {"version": "3.2(3e)", "status": "affected"}, {"version": "3.2(3l)", "status": "affected"}, {"version": "3.2(3b)", "status": "affected"}, {"version": "4.0(2a)", "status": "affected"}, {"version": "3.2(3j)", "status": "affected"}, {"version": "4.0(1d)", "status": "affected"}, {"version": "3.2(3o)", "status": "affected"}, {"version": "4.0(4i)", "status": "affected"}, {"version": "4.1(1d)", "status": "affected"}, {"version": "4.1(2a)", "status": "affected"}, {"version": "4.1(1e)", "status": "affected"}, {"version": "3.2(3p)", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-18T16:06:00.592Z"}}, "adp": [{"affected": [{"vendor": "cisco", "product": "unified_computing_system", "cpes": ["cpe:2.3:a:cisco:unified_computing_system:4.0\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3p\\):*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "4.0\\(1a\\)", "status": "affected"}, {"version": "3.2\\(3n\\)", "status": "affected"}, {"version": "4.1\\(1a\\)", "status": "affected"}, {"version": "4.1\\(1b\\)", "status": "affected"}, {"version": "4.0\\(4h\\)", "status": "affected"}, {"version": "4.1\\(1c\\)", "status": "affected"}, {"version": "3.2\\(3k\\)", "status": "affected"}, {"version": "3.2\\(2c\\)", "status": "affected"}, {"version": "4.0\\(4e\\)", "status": "affected"}, {"version": "4.0\\(4g\\)", "status": "affected"}, {"version": "3.2\\(3i\\)", "status": "affected"}, {"version": "4.0\\(2e\\)", "status": "affected"}, {"version": "3.2\\(3g\\)", "status": "affected"}, {"version": "4.0\\(4a\\)", "status": "affected"}, {"version": "4.0\\(2d\\)", "status": "affected"}, {"version": "3.2\\(2d\\)", "status": "affected"}, {"version": "4.0\\(1b\\)", "status": "affected"}, {"version": "4.0\\(4f\\)", "status": "affected"}, {"version": "3.2\\(3h\\)", "status": "affected"}, {"version": "3.2\\(2f\\)", "status": "affected"}, {"version": "4.0\\(4c\\)", "status": "affected"}, {"version": "3.2\\(3a\\)", "status": "affected"}, {"version": "4.0\\(1c\\)", "status": "affected"}, {"version": "3.2\\(3d\\)", "status": "affected"}, {"version": "3.2\\(2b\\)", "status": "affected"}, {"version": "4.0\\(4b\\)", "status": "affected"}, {"version": "3.2\\(2e\\)", "status": "affected"}, {"version": "4.0\\(2b\\)", "status": "affected"}, {"version": "4.0\\(4d\\)", "status": "affected"}, {"version": "3.2\\(1d\\)", "status": "affected"}, {"version": "3.2\\(3e\\)", "status": "affected"}, {"version": "3.2\\(3l\\)", "status": "affected"}, {"version": "3.2\\(3b\\)", "status": "affected"}, {"version": "4.0\\(2a\\)", "status": "affected"}, {"version": "3.2\\(3j\\)", "status": "affected"}, {"version": "4.0\\(1d\\)", "status": "affected"}, {"version": "3.2\\(3o\\)", "status": "affected"}, {"version": "4.0\\(4i\\)", "status": "affected"}, {"version": "4.1\\(1d\\)", "status": "affected"}, {"version": "4.1\\(2a\\)", "status": "affected"}, {"version": "4.1\\(1e\\)", "status": "affected"}, {"version": "3.2\\(3p\\)", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-18T18:39:09.926743Z", "id": "CVE-2020-26062", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-18T18:46:04.617Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2020-26062 (string)

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

state : PUBLISHED (string)

assignerShortName : cisco (string)

dateReserved : 2020-09-24T00:00:00.000Z (string)

datePublished : 2024-11-18T16:06:00.592Z (string)

dateUpdated : 2024-11-18T18:46:04.617Z (string)

}

containers : { »

cna : { »

title : Cisco Integrated Management Controller Username Enumeration Vulnerability (string)

metrics : [ »

0 : { »

format : cvssV3_1 (string)

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

attackVector : NETWORK (string)

attackComplexity : LOW (string)

privilegesRequired : NONE (string)

userInteraction : NONE (string)

scope : UNCHANGED (string)

confidentialityImpact : LOW (string)

integrityImpact : NONE (string)

availabilityImpact : NONE (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability. (string)

}

]

references : [ »

0 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7 (string)

name : cisco-sa-cimc-enum-CyheP3B7 (string)

}

1 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns (string)

name : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns (string)

}

2 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3 (string)

name : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3 (string)

}

3 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD (string)

name : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD (string)

}

4 : { »

url : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL (string)

name : https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. (string)

}

]

source : { »

advisory : cisco-sa-cimc-enum-CyheP3B7 (string)

discovery : EXTERNAL (string)

defects : [ »

0 : CSCvv07275 (string)

]

}

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

description : Observable Discrepancy (string)

type : cwe (string)

cweId : CWE-203 (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Cisco (string)

product : Cisco Unified Computing System (Managed) (string)

versions : [ »

0 : { »

version : 4.0(1a) (string)

status : affected (string)

}

1 : { »

version : 3.2(3n) (string)

status : affected (string)

}

2 : { »

version : 4.1(1a) (string)

status : affected (string)

}

3 : { »

version : 4.1(1b) (string)

status : affected (string)

}

4 : { »

version : 4.0(4h) (string)

status : affected (string)

}

5 : { »

version : 4.1(1c) (string)

status : affected (string)

}

6 : { »

version : 3.2(3k) (string)

status : affected (string)

}

7 : { »

version : 3.2(2c) (string)

status : affected (string)

}

8 : { »

version : 4.0(4e) (string)

status : affected (string)

}

9 : { »

version : 4.0(4g) (string)

status : affected (string)

}

10 : { »

version : 3.2(3i) (string)

status : affected (string)

}

11 : { »

version : 4.0(2e) (string)

status : affected (string)

}

12 : { »

version : 3.2(3g) (string)

status : affected (string)

}

13 : { »

version : 4.0(4a) (string)

status : affected (string)

}

14 : { »

version : 4.0(2d) (string)

status : affected (string)

}

15 : { »

version : 3.2(2d) (string)

status : affected (string)

}

16 : { »

version : 4.0(1b) (string)

status : affected (string)

}

17 : { »

version : 4.0(4f) (string)

status : affected (string)

}

18 : { »

version : 3.2(3h) (string)

status : affected (string)

}

19 : { »

version : 3.2(2f) (string)

status : affected (string)

}

20 : { »

version : 4.0(4c) (string)

status : affected (string)

}

21 : { »

version : 3.2(3a) (string)

status : affected (string)

}

22 : { »

version : 4.0(1c) (string)

status : affected (string)

}

23 : { »

version : 3.2(3d) (string)

status : affected (string)

}

24 : { »

version : 3.2(2b) (string)

status : affected (string)

}

25 : { »

version : 4.0(4b) (string)

status : affected (string)

}

26 : { »

version : 3.2(2e) (string)

status : affected (string)

}

27 : { »

version : 4.0(2b) (string)

status : affected (string)

}

28 : { »

version : 4.0(4d) (string)

status : affected (string)

}

29 : { »

version : 3.2(1d) (string)

status : affected (string)

}

30 : { »

version : 3.2(3e) (string)

status : affected (string)

}

31 : { »

version : 3.2(3l) (string)

status : affected (string)

}

32 : { »

version : 3.2(3b) (string)

status : affected (string)

}

33 : { »

version : 4.0(2a) (string)

status : affected (string)

}

34 : { »

version : 3.2(3j) (string)

status : affected (string)

}

35 : { »

version : 4.0(1d) (string)

status : affected (string)

}

36 : { »

version : 3.2(3o) (string)

status : affected (string)

}

37 : { »

version : 4.0(4i) (string)

status : affected (string)

}

38 : { »

version : 4.1(1d) (string)

status : affected (string)

}

39 : { »

version : 4.1(2a) (string)

status : affected (string)

}

40 : { »

version : 4.1(1e) (string)

status : affected (string)

}

41 : { »

version : 3.2(3p) (string)

status : affected (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

dateUpdated : 2024-11-18T16:06:00.592Z (string)

}

adp : [ »

0 : { »

affected : [ »

0 : { »

vendor : cisco (string)

product : unified_computing_system (string)

cpes : [ »

0 : cpe:2.3:a:cisco:unified_computing_system:4.0\(1a\):*:*:*:*:*:*:* (string)

1 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3n\):*:*:*:*:*:*:* (string)

2 : cpe:2.3:a:cisco:unified_computing_system:4.1\(1a\):*:*:*:*:*:*:* (string)

3 : cpe:2.3:a:cisco:unified_computing_system:4.1\(1b\):*:*:*:*:*:*:* (string)

4 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4h\):*:*:*:*:*:*:* (string)

5 : cpe:2.3:a:cisco:unified_computing_system:4.1\(1c\):*:*:*:*:*:*:* (string)

6 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3k\):*:*:*:*:*:*:* (string)

7 : cpe:2.3:a:cisco:unified_computing_system:3.2\(2c\):*:*:*:*:*:*:* (string)

8 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4e\):*:*:*:*:*:*:* (string)

9 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4g\):*:*:*:*:*:*:* (string)

10 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3i\):*:*:*:*:*:*:* (string)

11 : cpe:2.3:a:cisco:unified_computing_system:4.0\(2e\):*:*:*:*:*:*:* (string)

12 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3g\):*:*:*:*:*:*:* (string)

13 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4a\):*:*:*:*:*:*:* (string)

14 : cpe:2.3:a:cisco:unified_computing_system:4.0\(2d\):*:*:*:*:*:*:* (string)

15 : cpe:2.3:a:cisco:unified_computing_system:3.2\(2d\):*:*:*:*:*:*:* (string)

16 : cpe:2.3:a:cisco:unified_computing_system:4.0\(1b\):*:*:*:*:*:*:* (string)

17 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4f\):*:*:*:*:*:*:* (string)

18 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3h\):*:*:*:*:*:*:* (string)

19 : cpe:2.3:a:cisco:unified_computing_system:3.2\(2f\):*:*:*:*:*:*:* (string)

20 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4c\):*:*:*:*:*:*:* (string)

21 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3a\):*:*:*:*:*:*:* (string)

22 : cpe:2.3:a:cisco:unified_computing_system:4.0\(1c\):*:*:*:*:*:*:* (string)

23 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3d\):*:*:*:*:*:*:* (string)

24 : cpe:2.3:a:cisco:unified_computing_system:3.2\(2b\):*:*:*:*:*:*:* (string)

25 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4b\):*:*:*:*:*:*:* (string)

26 : cpe:2.3:a:cisco:unified_computing_system:3.2\(2e\):*:*:*:*:*:*:* (string)

27 : cpe:2.3:a:cisco:unified_computing_system:4.0\(2b\):*:*:*:*:*:*:* (string)

28 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4d\):*:*:*:*:*:*:* (string)

29 : cpe:2.3:a:cisco:unified_computing_system:3.2\(1d\):*:*:*:*:*:*:* (string)

30 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3e\):*:*:*:*:*:*:* (string)

31 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3l\):*:*:*:*:*:*:* (string)

32 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3b\):*:*:*:*:*:*:* (string)

33 : cpe:2.3:a:cisco:unified_computing_system:4.0\(2a\):*:*:*:*:*:*:* (string)

34 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3j\):*:*:*:*:*:*:* (string)

35 : cpe:2.3:a:cisco:unified_computing_system:4.0\(1d\):*:*:*:*:*:*:* (string)

36 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3o\):*:*:*:*:*:*:* (string)

37 : cpe:2.3:a:cisco:unified_computing_system:4.0\(4i\):*:*:*:*:*:*:* (string)

38 : cpe:2.3:a:cisco:unified_computing_system:4.1\(1d\):*:*:*:*:*:*:* (string)

39 : cpe:2.3:a:cisco:unified_computing_system:4.1\(2a\):*:*:*:*:*:*:* (string)

40 : cpe:2.3:a:cisco:unified_computing_system:4.1\(1e\):*:*:*:*:*:*:* (string)

41 : cpe:2.3:a:cisco:unified_computing_system:3.2\(3p\):*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 4.0\(1a\) (string)

status : affected (string)

}

1 : { »

version : 3.2\(3n\) (string)

status : affected (string)

}

2 : { »

version : 4.1\(1a\) (string)

status : affected (string)

}

3 : { »

version : 4.1\(1b\) (string)

status : affected (string)

}

4 : { »

version : 4.0\(4h\) (string)

status : affected (string)

}

5 : { »

version : 4.1\(1c\) (string)

status : affected (string)

}

6 : { »

version : 3.2\(3k\) (string)

status : affected (string)

}

7 : { »

version : 3.2\(2c\) (string)

status : affected (string)

}

8 : { »

version : 4.0\(4e\) (string)

status : affected (string)

}

9 : { »

version : 4.0\(4g\) (string)

status : affected (string)

}

10 : { »

version : 3.2\(3i\) (string)

status : affected (string)

}

11 : { »

version : 4.0\(2e\) (string)

status : affected (string)

}

12 : { »

version : 3.2\(3g\) (string)

status : affected (string)

}

13 : { »

version : 4.0\(4a\) (string)

status : affected (string)

}

14 : { »

version : 4.0\(2d\) (string)

status : affected (string)

}

15 : { »

version : 3.2\(2d\) (string)

status : affected (string)

}

16 : { »

version : 4.0\(1b\) (string)

status : affected (string)

}

17 : { »

version : 4.0\(4f\) (string)

status : affected (string)

}

18 : { »

version : 3.2\(3h\) (string)

status : affected (string)

}

19 : { »

version : 3.2\(2f\) (string)

status : affected (string)

}

20 : { »

version : 4.0\(4c\) (string)

status : affected (string)

}

21 : { »

version : 3.2\(3a\) (string)

status : affected (string)

}

22 : { »

version : 4.0\(1c\) (string)

status : affected (string)

}

23 : { »

version : 3.2\(3d\) (string)

status : affected (string)

}

24 : { »

version : 3.2\(2b\) (string)

status : affected (string)

}

25 : { »

version : 4.0\(4b\) (string)

status : affected (string)

}

26 : { »

version : 3.2\(2e\) (string)

status : affected (string)

}

27 : { »

version : 4.0\(2b\) (string)

status : affected (string)

}

28 : { »

version : 4.0\(4d\) (string)

status : affected (string)

}

29 : { »

version : 3.2\(1d\) (string)

status : affected (string)

}

30 : { »

version : 3.2\(3e\) (string)

status : affected (string)

}

31 : { »

version : 3.2\(3l\) (string)

status : affected (string)

}

32 : { »

version : 3.2\(3b\) (string)

status : affected (string)

}

33 : { »

version : 4.0\(2a\) (string)

status : affected (string)

}

34 : { »

version : 3.2\(3j\) (string)

status : affected (string)

}

35 : { »

version : 4.0\(1d\) (string)

status : affected (string)

}

36 : { »

version : 3.2\(3o\) (string)

status : affected (string)

}

37 : { »

version : 4.0\(4i\) (string)

status : affected (string)

}

38 : { »

version : 4.1\(1d\) (string)

status : affected (string)

}

39 : { »

version : 4.1\(2a\) (string)

status : affected (string)

}

40 : { »

version : 4.1\(1e\) (string)

status : affected (string)

}

41 : { »

version : 3.2\(3p\) (string)

status : affected (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-11-18T18:39:09.926743Z (string)

id : CVE-2020-26062 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : yes (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-11-18T18:46:04.617Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-26062", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-18T18:39:09.926743Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:unified_computing_system:4.0\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.0\\(4i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:4.1\\(1e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:unified_computing_system:3.2\\(3p\\):*:*:*:*:*:*:*"], "vendor": "cisco", "product": "unified_computing_system", "versions": [{"status": "affected", "version": "4.0\\(1a\\)"}, {"status": "affected", "version": "3.2\\(3n\\)"}, {"status": "affected", "version": "4.1\\(1a\\)"}, {"status": "affected", "version": "4.1\\(1b\\)"}, {"status": "affected", "version": "4.0\\(4h\\)"}, {"status": "affected", "version": "4.1\\(1c\\)"}, {"status": "affected", "version": "3.2\\(3k\\)"}, {"status": "affected", "version": "3.2\\(2c\\)"}, {"status": "affected", "version": "4.0\\(4e\\)"}, {"status": "affected", "version": "4.0\\(4g\\)"}, {"status": "affected", "version": "3.2\\(3i\\)"}, {"status": "affected", "version": "4.0\\(2e\\)"}, {"status": "affected", "version": "3.2\\(3g\\)"}, {"status": "affected", "version": "4.0\\(4a\\)"}, {"status": "affected", "version": "4.0\\(2d\\)"}, {"status": "affected", "version": "3.2\\(2d\\)"}, {"status": "affected", "version": "4.0\\(1b\\)"}, {"status": "affected", "version": "4.0\\(4f\\)"}, {"status": "affected", "version": "3.2\\(3h\\)"}, {"status": "affected", "version": "3.2\\(2f\\)"}, {"status": "affected", "version": "4.0\\(4c\\)"}, {"status": "affected", "version": "3.2\\(3a\\)"}, {"status": "affected", "version": "4.0\\(1c\\)"}, {"status": "affected", "version": "3.2\\(3d\\)"}, {"status": "affected", "version": "3.2\\(2b\\)"}, {"status": "affected", "version": "4.0\\(4b\\)"}, {"status": "affected", "version": "3.2\\(2e\\)"}, {"status": "affected", "version": "4.0\\(2b\\)"}, {"status": "affected", "version": "4.0\\(4d\\)"}, {"status": "affected", "version": "3.2\\(1d\\)"}, {"status": "affected", "version": "3.2\\(3e\\)"}, {"status": "affected", "version": "3.2\\(3l\\)"}, {"status": "affected", "version": "3.2\\(3b\\)"}, {"status": "affected", "version": "4.0\\(2a\\)"}, {"status": "affected", "version": "3.2\\(3j\\)"}, {"status": "affected", "version": "4.0\\(1d\\)"}, {"status": "affected", "version": "3.2\\(3o\\)"}, {"status": "affected", "version": "4.0\\(4i\\)"}, {"status": "affected", "version": "4.1\\(1d\\)"}, {"status": "affected", "version": "4.1\\(2a\\)"}, {"status": "affected", "version": "4.1\\(1e\\)"}, {"status": "affected", "version": "3.2\\(3p\\)"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-18T18:40:14.616Z"}}], "cna": {"title": "Cisco Integrated Management Controller Username Enumeration Vulnerability", "source": {"defects": ["CSCvv07275"], "advisory": "cisco-sa-cimc-enum-CyheP3B7", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/RL:X/RC:X/E:X", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Unified Computing System (Managed)", "versions": [{"status": "affected", "version": "4.0(1a)"}, {"status": "affected", "version": "3.2(3n)"}, {"status": "affected", "version": "4.1(1a)"}, {"status": "affected", "version": "4.1(1b)"}, {"status": "affected", "version": "4.0(4h)"}, {"status": "affected", "version": "4.1(1c)"}, {"status": "affected", "version": "3.2(3k)"}, {"status": "affected", "version": "3.2(2c)"}, {"status": "affected", "version": "4.0(4e)"}, {"status": "affected", "version": "4.0(4g)"}, {"status": "affected", "version": "3.2(3i)"}, {"status": "affected", "version": "4.0(2e)"}, {"status": "affected", "version": "3.2(3g)"}, {"status": "affected", "version": "4.0(4a)"}, {"status": "affected", "version": "4.0(2d)"}, {"status": "affected", "version": "3.2(2d)"}, {"status": "affected", "version": "4.0(1b)"}, {"status": "affected", "version": "4.0(4f)"}, {"status": "affected", "version": "3.2(3h)"}, {"status": "affected", "version": "3.2(2f)"}, {"status": "affected", "version": "4.0(4c)"}, {"status": "affected", "version": "3.2(3a)"}, {"status": "affected", "version": "4.0(1c)"}, {"status": "affected", "version": "3.2(3d)"}, {"status": "affected", "version": "3.2(2b)"}, {"status": "affected", "version": "4.0(4b)"}, {"status": "affected", "version": "3.2(2e)"}, {"status": "affected", "version": "4.0(2b)"}, {"status": "affected", "version": "4.0(4d)"}, {"status": "affected", "version": "3.2(1d)"}, {"status": "affected", "version": "3.2(3e)"}, {"status": "affected", "version": "3.2(3l)"}, {"status": "affected", "version": "3.2(3b)"}, {"status": "affected", "version": "4.0(2a)"}, {"status": "affected", "version": "3.2(3j)"}, {"status": "affected", "version": "4.0(1d)"}, {"status": "affected", "version": "3.2(3o)"}, {"status": "affected", "version": "4.0(4i)"}, {"status": "affected", "version": "4.1(1d)"}, {"status": "affected", "version": "4.1(2a)"}, {"status": "affected", "version": "4.1(1e)"}, {"status": "affected", "version": "3.2(3p)"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-enum-CyheP3B7", "name": "cisco-sa-cimc-enum-CyheP3B7"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-xss-zLW9tD3"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanx3-vrZbOqqD"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL", "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-zWkppJxL"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco&nbsp;Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application.\r\nThe vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt. An attacker could exploit this vulnerability by sending authentication requests to the affected application. A successful exploit could allow the attacker to confirm the names of administrative user accounts for use in further attacks.There are no workarounds that address this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-203", "description": "Observable Discrepancy"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-11-18T16:06:00.592Z"}}}, "cveMetadata": {"cveId": "CVE-2020-26062", "state": "PUBLISHED", "dateUpdated": "2024-11-18T18:46:04.617Z", "dateReserved": "2020-09-24T00:00:00.000Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-11-18T16:06:00.592Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}