CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
A vulnerability in the SSH management feature of multiple Cisco Access Points (APs) platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH management interface. A network administrator user could exploit this vulnerability by accessing an affected device through SSH management to make a configuration change. A successful exploit could allow the attacker to gain privileges equivalent to the root user.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | aironet_1542d_firmware | - | cpe:2.3:o:cisco:aironet_1542d_firmware:-:*:*:*:*:*:*:* |
cisco | aironet_1542d | - | cpe:2.3:h:cisco:aironet_1542d:-:*:*:*:*:*:*:* |
cisco | aironet_1562d_firmware | - | cpe:2.3:o:cisco:aironet_1562d_firmware:-:*:*:*:*:*:*:* |
cisco | aironet_1562d | - | cpe:2.3:h:cisco:aironet_1562d:-:*:*:*:*:*:*:* |
cisco | aironet_1815m_firmware | - | cpe:2.3:o:cisco:aironet_1815m_firmware:-:*:*:*:*:*:*:* |
cisco | aironet_1815m | - | cpe:2.3:h:cisco:aironet_1815m:-:*:*:*:*:*:*:* |
cisco | aironet_1830e_firmware | - | cpe:2.3:o:cisco:aironet_1830e_firmware:-:*:*:*:*:*:*:* |
cisco | aironet_1830e | - | cpe:2.3:h:cisco:aironet_1830e:-:*:*:*:*:*:*:* |
cisco | aironet_1840i_firmware | - | cpe:2.3:o:cisco:aironet_1840i_firmware:-:*:*:*:*:*:*:* |
cisco | aironet_1840i | - | cpe:2.3:h:cisco:aironet_1840i:-:*:*:*:*:*:*:* |
[
{
"product": "Cisco Wireless LAN Controller (WLC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]
More
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%