Design/Logic Flaw

2019-04-1801:29:00

PRIOn knowledge base

www.prio-n.com

5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.

CPENameOperatorVersion
meeting_servereq2.2

CPE	Name	Operator	Version
	meeting_server	eq	2.2

References

www.securityfocus.com/bid/108032

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-cdc-hijack