CVE-2015-6426

Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restrictions and execute arbitrary commands via additional parameters to an unspecified command, aka Bug ID CSCus99427.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-pnsc	Vendor Advisory
http://www.securityfocus.com/bid/79582

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:prime_network_services_controller:3.0.0:*:*:*:*:*:*:*

Information

Published : 2015-12-18 03:59

Updated : 2016-11-28 11:39

NVD link : CVE-2015-6426

Mitre link : CVE-2015-6426

JSON object : View

CWE

CWE-20

Improper Input Validation

Products Affected

cisco

prime_network_services_controller

7.2 /10