Detections
Analytics
Cisco Application Extension Platform (AXP) Privilege Escalation (cisco-sa-20100609-axp)
high Nessus Plugin ID 70164
Language:
Synopsis
The remote host is running Cisco AXP, which is affected by a privilege escalation vulnerability.Description
The remote Cisco Application Extension Platform (AXP) is affected by a privilege escalation vulnerability. The vulnerability could allow an authenticated user to gain administrative access to a vulnerable Cisco AXP module.Solution
Upgrade to Cisco AXP version 1.1.7 or later. Note: Cisco AXP version 1.1.5 may or may not be vulnerable depending upon the upgrade path used. Installs upgraded from version 1.0 or a clean installation are not vulnerable. Installs upgraded from version 1.1 are vulnerable. Refer to the vendor's advisory for upgrade steps.See Also
https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20100609-axp.html
Plugin Details
Severity: High
ID: 70164
File Name: cisco-sa-20100609-axp.nasl
Version: 1.6
Type: local
Family: CISCO
Published: 9/27/2013
Updated: 9/26/2019
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:cisco:application_extension_framework
Required KB Items: Settings/ParanoidReport, Host/Cisco/show_software_version
Exploit Ease: No known exploits are available
Patch Publication Date: 6/9/2010
Vulnerability Publication Date: 6/9/2010
Reference Information
CVE: CVE-2010-1572
BID: 40682
CISCO-SA: cisco-sa-20100609-axp
CISCO-BUG-ID: CSCub85692