Executive Summary

Informations
NameCVE-2018-0284First vendor Publication2018-11-08
VendorCveLast vendor Modification2019-01-31

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:P/A:N)
Cvss Base Score4Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0284

CWE : Common Weakness Enumeration

%idName
100 %CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware1
Hardware1
Hardware1
Hardware1
Hardware1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/105878
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-01-31 21:19:29
  • Multiple Updates
2018-11-13 17:19:24
  • Multiple Updates
2018-11-08 21:19:36
  • First insertion