Lucene search

[email protected]NVD:CVE-2011-3289

HistoryMay 02, 2012 - 10:09 a.m.

CVE-2011-3289

2012-05-0210:09:21

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

12.6%

JSON

Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640.

Affected configurations

Nvd

Node

ciscoiosMatch12.4

ciscoiosMatch15.0

ciscoiosMatch15.1

ciscoiosMatch15.2

VendorProductVersionCPE
ciscoios12.4cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
ciscoios15.0cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
ciscoios15.1cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
ciscoios15.2cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.4	cpe:2.3:o:cisco:ios:12.4:::::::*
cisco	ios	15.0	cpe:2.3:o:cisco:ios:15.0:::::::*
cisco	ios	15.1	cpe:2.3:o:cisco:ios:15.1:::::::*
cisco	ios	15.2	cpe:2.3:o:cisco:ios:15.2:::::::*

References

www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html

www.securitytracker.com/id?1027005

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2011-3289

cve1 cvelist1 prion1