CVE-2013-5493

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5493", "name": "20130912 Cisco Virtualization Experience Client Series 6000 Local Arbitrary Command Execution Vulnerability", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://osvdb.org/97239", "name": "97239", "tags": [], "refsource": "OSVDB"}, {"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30777", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30777", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1029032", "name": "1029032", "tags": [], "refsource": "SECTRACK"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The diagnostic module in the firmware on Cisco Virtualization Experience Client 6000 devices allows local users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors, aka Bug ID CSCug68407."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-5493", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-09-13T14:10Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:virtualization_experience_client_6000_series_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:virtualization_experience_client_6000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-10-22T18:54Z"}