CVE-2011-3289

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-3289
Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640.

3.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html
http://www.securitytracker.com/id?1027005
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
History

No history.

Information

Published : 2012-05-02 10:09

Updated : 2024-02-28 12:00

NVD link : CVE-2011-3289

Mitre link : CVE-2011-3289

CVE.ORG link : CVE-2011-3289

JSON object : View

Products Affected

cisco

  • ios
CWE
CWE-264

Permissions, Privileges, and Access Controls