Описание
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1).
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.6\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.7\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.8\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.9\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ip_interoperability_and_collaboration_system:4.10\(1\):*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00058
Низкий
7.8 High
CVSS3
6.6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1).
EPSS
Процентиль: 18%
0.00058
Низкий
7.8 High
CVSS3
6.6 Medium
CVSS2
Дефекты
CWE-264