6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:S/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.