CVE-2013-5493
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
The diagnostic module in the firmware on Cisco Virtualization Experience Client 6000 devices allows local users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors, aka Bug ID CSCug68407.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/viewAlert.x?alertId=30777
Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5493
References
- http://osvdb.org/97239
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5493
- http://tools.cisco.com/security/center/viewAlert.x?alertId=30777
- http://www.securitytracker.com/id/1029032
- http://osvdb.org/97239
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5493
- http://tools.cisco.com/security/center/viewAlert.x?alertId=30777
- http://www.securitytracker.com/id/1029032
CWEs
CWE-20
Verify integrity in audit chain (admin only). AS-IS.