Описание
The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.7.8:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.11:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.13:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00324
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.
EPSS
Процентиль: 55%
0.00324
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-20