Vulnerability Details : CVE-2008-1246
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties, including one who works for the vendor, have been unable to reproduce the flaw unless the enable password is blank
Products affected by CVE-2008-1246
- cpe:2.3:o:cisco:pix_asa_finesse_operation_system:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:pix_asa_finesse_operation_system:7.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-1246
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-1246
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:L/AC:L/Au:S/C:C/I:C/A:C |
3.1
|
10.0
|
NIST |
CWE ids for CVE-2008-1246
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-1246
-
http://www.securityfocus.com/archive/1/489009/100/0/threaded
-
http://www.securityfocus.com/archive/1/486938
-
http://www.gnucitizen.org/projects/router-hacking-challenge/
Page not found ยท GitHub Pages
-
http://www.securityfocus.com/archive/1/487579
-
http://hackathology.blogspot.com/2008/01/pixasa-finesse-71-72-privilege.html
-
http://www.securityfocus.com/archive/1/486959
-
http://www.securityfocus.com/bid/27457
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41129
Cisco PIX/ASA Finesse Operation System privilege escalation CVE-2008-1246 Vulnerability Report
-
http://www.securityfocus.com/archive/1/487051
Jump to