Executive Summary

Informations
NameCVE-2019-1794First vendor Publication2019-04-17
VendorCveLast vendor Modification2019-10-09

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:N)
Cvss Base Score3.6Attack RangeLocal
Cvss Impact Score4.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their choosing earlier in the search path utilized by Cisco Directory Connector to locate and load required resources.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1794

CWE : Common Weakness Enumeration

%idName
100 %CWE-427Uncontrolled Search Path Element

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108032
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2019-10-10 05:21:03
  • Multiple Updates
2019-04-23 17:19:03
  • Multiple Updates
2019-04-19 05:18:06
  • Multiple Updates
2019-04-18 09:19:12
  • First insertion