Lucene search

[email protected]CVE-2015-6370

HistoryNov 19, 2015 - 2:59 a.m.

CVE-2015-6370

2015-11-1902:59:03

CWE-78

[email protected]

web.nvd.nist.gov

cisco

firepower

extensible operating system

os commands

security vulnerability

cli输入

bug id

cscux10578

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.2%

JSON

The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows local users to execute arbitrary OS commands as root via crafted CLI input, aka Bug ID CSCux10578.

Affected configurations

NVD

Node

ciscofirepower_extensible_operating_systemMatch1.1\(1.160\)

CPENameOperatorVersion
cisco:firepower_extensible_operating_systemcisco firepower extensible operating systemeq1.1\(1.160\)

CPE	Name	Operator	Version
cisco:firepower_extensible_operating_system	cisco firepower extensible operating system	eq	1.1\(1.160\)

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fire1

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-6370

cisco1 cvelist1 nvd1 prion1