Описание
Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:mobility_services_engine:5.1_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:5.2_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:6.0_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.0_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.4.100.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.4.110.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.4.121.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.4_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.5.102.101:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.6.100.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.6.120.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:7.6.132.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:8.0\(110.0\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:mobility_services_engine:8.0_base:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00278
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.
EPSS
Процентиль: 51%
0.00278
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-264