Executive Summary

Summary
Title Cisco Application Extension Platform Privilege Escalation Vulnerability
Informations
Name cisco-sa-20100609-axp First vendor Publication 2010-04-30
Vendor Cisco Last vendor Modification 2010-06-09
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Cvss Base Score 9 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

The Cisco Application Extension Platform contains a privilege escalation vulnerability in the tech support diagnostic shell that may allow an authenticated user to obtain administrative access to a vulnerable Cisco Application Extension Platform module. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20100609-axp.shtml

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

Open Source Vulnerability Database (OSVDB)

Id Description
65283 Cisco Application Extension Platform (AXP) Configuration Disclosure Remote Pr...

Information Assurance Vulnerability Management (IAVM)

Date Description
2010-07-08 IAVM : 2010-A-0087 - Cisco Application Extension Platform Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0024578

Nessus® Vulnerability Scanner

Date Description
2013-09-27 Name : The remote host is running Cisco AXP, which is affected by a privilege escala...
File : cisco-sa-20100609-axp.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 10:21:59
  • Multiple Updates
2013-11-11 12:37:29
  • Multiple Updates