Lucene search

CiscoCVE-2015-4282

HistoryNov 06, 2015 - 11:59 a.m.

CVE-2015-4282

2015-11-0611:59:00

CWE-264

cisco

web.nvd.nist.gov

cisco

mse

8.0.120.7

weak permissions

vulnerability

cve-2015-4282

nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.1%

JSON

Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.

Affected configurations

Nvd

Node

ciscomobility_services_engineMatch5.1_base

ciscomobility_services_engineMatch5.2_base

ciscomobility_services_engineMatch6.0_base

ciscomobility_services_engineMatch7.0_base

ciscomobility_services_engineMatch7.4.100.0

ciscomobility_services_engineMatch7.4.110.0

ciscomobility_services_engineMatch7.4.121.0

ciscomobility_services_engineMatch7.4_base

ciscomobility_services_engineMatch7.5.102.101

ciscomobility_services_engineMatch7.6.100.0

ciscomobility_services_engineMatch7.6.120.0

ciscomobility_services_engineMatch7.6.132.0

ciscomobility_services_engineMatch8.0\(110.0\)

ciscomobility_services_engineMatch8.0_base

VendorProductVersionCPE
ciscomobility_services_engine5.1_basecpe:2.3:a:cisco:mobility_services_engine:5.1_base:*:*:*:*:*:*:*
ciscomobility_services_engine5.2_basecpe:2.3:a:cisco:mobility_services_engine:5.2_base:*:*:*:*:*:*:*
ciscomobility_services_engine6.0_basecpe:2.3:a:cisco:mobility_services_engine:6.0_base:*:*:*:*:*:*:*
ciscomobility_services_engine7.0_basecpe:2.3:a:cisco:mobility_services_engine:7.0_base:*:*:*:*:*:*:*
ciscomobility_services_engine7.4.100.0cpe:2.3:a:cisco:mobility_services_engine:7.4.100.0:*:*:*:*:*:*:*
ciscomobility_services_engine7.4.110.0cpe:2.3:a:cisco:mobility_services_engine:7.4.110.0:*:*:*:*:*:*:*
ciscomobility_services_engine7.4.121.0cpe:2.3:a:cisco:mobility_services_engine:7.4.121.0:*:*:*:*:*:*:*
ciscomobility_services_engine7.4_basecpe:2.3:a:cisco:mobility_services_engine:7.4_base:*:*:*:*:*:*:*
ciscomobility_services_engine7.5.102.101cpe:2.3:a:cisco:mobility_services_engine:7.5.102.101:*:*:*:*:*:*:*
ciscomobility_services_engine7.6.100.0cpe:2.3:a:cisco:mobility_services_engine:7.6.100.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	mobility_services_engine	5.1_base	cpe:2.3:a:cisco:mobility_services_engine:5.1_base:::::::*
cisco	mobility_services_engine	5.2_base	cpe:2.3:a:cisco:mobility_services_engine:5.2_base:::::::*
cisco	mobility_services_engine	6.0_base	cpe:2.3:a:cisco:mobility_services_engine:6.0_base:::::::*
cisco	mobility_services_engine	7.0_base	cpe:2.3:a:cisco:mobility_services_engine:7.0_base:::::::*
cisco	mobility_services_engine	7.4.100.0	cpe:2.3:a:cisco:mobility_services_engine:7.4.100.0:::::::*
cisco	mobility_services_engine	7.4.110.0	cpe:2.3:a:cisco:mobility_services_engine:7.4.110.0:::::::*
cisco	mobility_services_engine	7.4.121.0	cpe:2.3:a:cisco:mobility_services_engine:7.4.121.0:::::::*
cisco	mobility_services_engine	7.4_base	cpe:2.3:a:cisco:mobility_services_engine:7.4_base:::::::*
cisco	mobility_services_engine	7.5.102.101	cpe:2.3:a:cisco:mobility_services_engine:7.5.102.101:::::::*
cisco	mobility_services_engine	7.6.100.0	cpe:2.3:a:cisco:mobility_services_engine:7.6.100.0:::::::*