A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:HCisco Cx Cloud Agent
APPCisco< 2.2.1
Related vulnerabilities
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privi...
Cisco Catalyst SD-WAN — pominięcie uwierzytelnienia z dostępem administracyjnym
RCE przez insecure deserialization w Cisco Secure Firewall Management Center
Cisco Catalyst SD-WAN — ominięcie uwierzytelnienia peering i przejęcie uprawnień