Lucene search

[email protected]NVD:CVE-2015-4244

HistoryJul 10, 2015 - 10:59 a.m.

CVE-2015-4244

2015-07-1010:59:00

CWE-78

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

Percentile

5.2%

JSON

The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to execute arbitrary Linux commands by leveraging administrative privileges for storage of these commands in a Compact Flash (CF) file, aka Bug ID CSCuu75278.

Affected configurations

Nvd

Node

ciscoasr_5000_series_softwareMatch14.0

VendorProductVersionCPE
ciscoasr_5000_series_software14.0cpe:2.3:a:cisco:asr_5000_series_software:14.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_5000_series_software	14.0	cpe:2.3:a:cisco:asr_5000_series_software:14.0:::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=39677

www.securitytracker.com/id/1032839

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

Percentile

5.2%

JSON

Related for NVD:CVE-2015-4244

prion1 cisco1 cvelist1 cve1