CVE-2015-0755

{"id": "CVE-2015-0755", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-29T15:59:09.327", "references": [{"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39018", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1032424", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secure Mobility Client 4.0(64), allows local users to gain privileges via unspecified commands, aka Bug ID CSCut05797."}, {"lang": "es", "value": "El m\u00f3dulo Posture para Cisco Identity Services Engine (ISE), distribuido en Cisco AnyConnect Secure Mobility Client 4.0(64), permite a usuarios locales ganar privilegios a trav\u00e9s de comandos no especificados, tambi\u00e9n conocido como Bug ID CSCut05797."}], "lastModified": "2017-01-04T15:34:16.910", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(64\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC1592B-04DE-4FBB-88EF-7AFADEE75624"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}