CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1246

The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties, including one who works for the vendor, have been unable to reproduce the flaw unless the enable password is blank

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

http://hackathology.blogspot.com/2008/01/pixasa-finesse-71-72-privilege.html
http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.securityfocus.com/archive/1/486938
http://www.securityfocus.com/archive/1/486959
http://www.securityfocus.com/archive/1/487051
http://www.securityfocus.com/archive/1/487579
http://www.securityfocus.com/archive/1/489009/100/0/threaded
http://www.securityfocus.com/bid/27457
https://exchange.xforce.ibmcloud.com/vulnerabilities/41129
http://hackathology.blogspot.com/2008/01/pixasa-finesse-71-72-privilege.html
http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.securityfocus.com/archive/1/486938
http://www.securityfocus.com/archive/1/486959
http://www.securityfocus.com/archive/1/487051
http://www.securityfocus.com/archive/1/487579
http://www.securityfocus.com/archive/1/489009/100/0/threaded
http://www.securityfocus.com/bid/27457
https://exchange.xforce.ibmcloud.com/vulnerabilities/41129

Products affected by CVE-2008-1246

Cisco » Pix Asa Finesse Operation System » Version: 7.1

cpe:2.3:o:cisco:pix_asa_finesse_operation_system:7.1
Cisco » Pix Asa Finesse Operation System » Version: 7.2

cpe:2.3:o:cisco:pix_asa_finesse_operation_system:7.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1246

Products

Pricing

Contact Us