exploitDog

GHSA-5c25-ppjq-qcq8

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

Ссылки

EPSS

Процентиль: 15%

0.00049

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2020-3214

CVSS3: 6.7

nvd

больше 5 лет назад

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device.

BDU:2020-03031

CVSS3: 6.7

fstec

больше 5 лет назад

Уязвимость операционной системы Cisco IOS XE, связанная с ошибками при проверке предоставленного пользователем контента, позволяющая нарушителю повысить свои привилегии до уровня root

EPSS

Процентиль: 15%

0.00049

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-20