Lucene search

[email protected]CVE-2015-4327

HistoryAug 20, 2015 - 12:59 a.m.

CVE-2015-4327

2015-08-2000:59:04

CWE-20

[email protected]

web.nvd.nist.gov

cisco

vcs

expressway

x8.5.2

cli

vulnerability

cve-2015-4327

cscuv12542

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542.

Affected configurations

NVD

Node

ciscotelepresence_video_communication_server_softwareMatchx8.5.2expressway

CPENameOperatorVersion
cisco:telepresence_video_communication_server_softwarecisco telepresence video communication server softwareeqx8.5.2

CPE	Name	Operator	Version
cisco:telepresence_video_communication_server_software	cisco telepresence video communication server software	eq	x8.5.2

References

tools.cisco.com/security/center/viewAlert.x?alertId=40518

www.securityfocus.com/bid/76408

www.securitytracker.com/id/1033332

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-4327

cisco1 nvd1 prion1 cvelist1