CVE-2016-6362

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1", "name": "20160817 Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vulnerability", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securitytracker.com/id/1036644", "name": "1036644", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/92513", "name": "92513", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2016-6362", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}}, "publishedDate": "2016-08-22T10:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2016-12-12T19:44Z"}