Vulnerability Details CVE-2015-4282
Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.1%
CVSS Severity
CVSS v2 Score 6.9
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-privmse
- http://www.securityfocus.com/bid/77435
- http://www.securitytracker.com/id/1034066
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-privmse
- http://www.securityfocus.com/bid/77435
- http://www.securitytracker.com/id/1034066
Products affected by CVE-2015-4282
-
cpe:2.3:a:cisco:mobility_services_engine:5.1_base
-
cpe:2.3:a:cisco:mobility_services_engine:5.2_base
-
cpe:2.3:a:cisco:mobility_services_engine:6.0_base
-
cpe:2.3:a:cisco:mobility_services_engine:7.0_base
-
cpe:2.3:a:cisco:mobility_services_engine:7.4.100.0
-
cpe:2.3:a:cisco:mobility_services_engine:7.4.110.0
-
cpe:2.3:a:cisco:mobility_services_engine:7.4.121.0
-
cpe:2.3:a:cisco:mobility_services_engine:7.4_base
-
cpe:2.3:a:cisco:mobility_services_engine:7.5.102.101
-
cpe:2.3:a:cisco:mobility_services_engine:7.6.100.0
-
cpe:2.3:a:cisco:mobility_services_engine:7.6.120.0
-
cpe:2.3:a:cisco:mobility_services_engine:7.6.132.0
-
cpe:2.3:a:cisco:mobility_services_engine:8.0(110.0)
-
cpe:2.3:a:cisco:mobility_services_engine:8.0_base