CVE-2016-1320medium
Description
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286.
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp
Details
Source: MITRE
Published: 2016-02-12
Updated: 2016-12-29
Type: CWE-264
Risk Information
CVSS v2
Base Score: 6.8
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 3.1
Severity: MEDIUM
CVSS v3
Base Score: 6.7
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 0.8
Severity: MEDIUM