CVE-2016-1420

Опубликовано: 10 июн. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:h:cisco:application_infrastructure_controller:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(1e\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(1h\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(1k\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(1n\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(2j\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(2m\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(3f\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(3i\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(3k\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(3n\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(4h\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\(4o\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\(0.920a\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\(1j\):*:*:*:*:*:*:*

cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\(3f\):*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00231

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-qmwv-v38g-gxjq