CVE-2016-6430

EUVD-2016-7353
A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session. More Information: CSCva38636. Known Affected Releases: 4.10(1). Known Fixed Releases: 5.0(1).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
ciscoip_interoperability_and_collaboration_system
4.0\(1\)
ciscoip_interoperability_and_collaboration_system
4.5\(1\)
ciscoip_interoperability_and_collaboration_system
4.6\(1\)
ciscoip_interoperability_and_collaboration_system
4.7\(1\)
ciscoip_interoperability_and_collaboration_system
4.8\(1\)
ciscoip_interoperability_and_collaboration_system
4.8\(2\)
ciscoip_interoperability_and_collaboration_system
4.9\(1\)
ciscoip_interoperability_and_collaboration_system
4.9\(2\)
ciscoip_interoperability_and_collaboration_system
4.10\(1\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93919
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics2
http://www.securityfocus.com/bid/93919
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics2