CVE-2011-3289

EUVD-2011-3253
Cisco IOS 12.4 and 15.0 through 15.2 allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration via unspecified vectors, aka Bug ID CSCtr97640.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
Affected Products (NVD)
VendorProductVersion
ciscoios
12.4
ciscoios
15.0
ciscoios
15.1
ciscoios
15.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html
http://www.securitytracker.com/id?1027005
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-2TCAVS.html
http://www.securitytracker.com/id?1027005