CVE-2019-12670

A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this vulnerability by modifying files that they should not have access to. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container.
Configurations

Configuration 1 (hide)

cpe:2.3:o:cisco:ios:16.10.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-25 21:15

Updated : 2023-12-10 13:13


NVD link : CVE-2019-12670

Mitre link : CVE-2019-12670

CVE.ORG link : CVE-2019-12670


JSON object : View

Products Affected

cisco

  • ios
CWE
CWE-276

Incorrect Default Permissions

CWE-284

Improper Access Control