CVE-2010-1572

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-1572
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain administrator privileges via unspecified API calls.

9.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3290b.shtml Patch Vendor Advisory
http://www.securityfocus.com/bid/40682
https://exchange.xforce.ibmcloud.com/vulnerabilities/59271
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:application_extension_framework:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_extension_framework:1.1.5:*:*:*:*:*:*:*
History

No history.

Information

Published : 2010-06-10 00:30

Updated : 2024-02-28 11:41

NVD link : CVE-2010-1572

Mitre link : CVE-2010-1572

CVE.ORG link : CVE-2010-1572

JSON object : View

Products Affected

cisco

  • application_extension_framework
CWE
NVD-CWE-noinfo