- Description
- The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk Experience or DX) DX650 endpoints allows local users to execute arbitrary OS commands via an unspecified parameter, aka Bug ID CSCus38947.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-20
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:desktop_collaboration_experience_dx650:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F22D629-CA31-4D0C-9761-4B35FA3852AB"
}
],
"operator": "OR"
}
]
}
]