Overview
- Description
- Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E37AB27-7FAA-4F84-BA0F-2B88FB5C7F9B",
"versionEndIncluding": "3.1.1.33"
}
],
"operator": "OR"
}
]
}
]