- Description
- Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_extension_framework:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "794D6B98-85BE-4AB3-A386-821A00BD1B5D"
},
{
"criteria": "cpe:2.3:a:cisco:application_extension_framework:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A29628A1-1564-4865-A2B9-1AD51D78EBAE"
}
],
"operator": "OR"
}
]
}
]