How severe is CVE-2019-12622?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2019-12622?

This is classified as CWE-275, which is a common weakness in software security.

CVE-2019-12622 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

A vulnerability in Cisco RoomOS Software could allow an authenticated, local attacker to write files to the underlying filesystem with root privileges. The vulnerability is due to insufficient permission restrictions on a specific process. An attacker could exploit this vulnerability by logging in to an affected device with remote support credentials and initiating the specific process on the device and sending crafted data to that process. A successful exploit could allow the attacker to write files to the underlying file system with root privileges.

Related Vulnerabilities

CVE-2013-4201

MEDIUM

CVSS:4.3(Medium)

Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions.

CWE-2752013

CVE-2016-2406

MEDIUM

CVSS:4.3(Medium)

The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by le...

CWE-2752016

CVE-2016-4873

MEDIUM

CVSS:4.3(Medium)

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to execute unintended operations via the Project function.

CWE-2752016

CVE-2016-9461

MEDIUM

CVSS:4.3(Medium)

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on ...

CWE-2752016

CVE-2016-9462

MEDIUM

CVSS:4.3(Medium)

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whethe...

CWE-2752016

CVE-2017-0884

MEDIUM

CVSS:4.3(Medium)

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated a...

CWE-2752017