CVE-2014-3390
Published Oct 10, 2014
Last updated a year ago
Overview
- Description
- The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.7.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E628AA9-1F66-42EC-97EE-9EB3E8E5F082" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04C8C6E9-D5C3-42DC-B431-9097B2FCCB52" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BDD9D1-0DE3-4FA7-BDC1-2A724162CEEC" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C80EAFF-E577-414A-9DDE-D27A41CB3DC9" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26CC07CC-0C79-48ED-BEB6-4B576A0DBD68" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1576FC7F-B7DD-41DD-A95E-23B1F86E4B02" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3768E4B0-E457-47AB-99B0-7C1A0E0CBE35" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0" }, { "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9" } ], "operator": "OR" } ] } ]