CVE-2016-6362

{"id": "CVE-2016-6362", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2016-08-22T10:59:11.120", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/92513", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1036644", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-aap1", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/92513", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036644", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Cisco Aironet 1800, 2800, and 3800 devices with software before 8.2.110.0, 8.2.12x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow local users to gain privileges via crafted CLI parameters, aka Bug ID CSCuz24725."}, {"lang": "es", "value": "Dispositivos Cisco Aironet 1800, 2800 y 3800 con software en versiones anteriores a 8.2.110.0, 8.2.12x en versiones anteriores a 8.2.121.0 y 8.3.x en versiones anteriores a 8.3.102.0 permiten a usuarios locales obtener privilegios a trav\u00e9s de par\u00e1metros CLI manipulados, tambi\u00e9n conocido como Bug ID CSCuz24725."}], "lastModified": "2024-11-21T02:55:58.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(15.14\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56A62387-63C1-465E-B7C9-8AE336CC1C67"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.3\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C399834-8DC2-4B81-B258-0F2DA7408277"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(112.4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEF360BC-B2C5-4DF4-8751-C1129A263243"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.1\\(131.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEEB3E5A-354E-41DA-971C-03F7915FA947"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(100.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97863857-2CC6-4717-A59F-92F3B6604FDE"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.2\\(102.43\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CD7A011-854F-41A9-9C24-BF3769B1797E"}, {"criteria": "cpe:2.3:a:cisco:aironet_access_point_software:8.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B28C49B5-1B3D-4228-AE6A-83EC30D69515"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}