CVE-2019-15996 | Date: (C)2019-11-26 (M)2023-12-22 |
A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions to modify sensitive files. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V3 Severity: | CVSS V2 Severity: |
CVSS Score : 6.7 | CVSS Score : 7.2 |
Exploit Score: 0.8 | Exploit Score: 3.9 |
Impact Score: 5.9 | Impact Score: 10.0 |
|
CVSS V3 Metrics: | CVSS V2 Metrics: |
Attack Vector: LOCAL | Access Vector: LOCAL |
Attack Complexity: LOW | Access Complexity: LOW |
Privileges Required: HIGH | Authentication: NONE |
User Interaction: NONE | Confidentiality: COMPLETE |
Scope: UNCHANGED | Integrity: COMPLETE |
Confidentiality: HIGH | Availability: COMPLETE |
Integrity: HIGH | |
Availability: HIGH | |
| |