How severe is CVE-2019-15277?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.4 out of 10.

What type of vulnerability is CVE-2019-15277?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2019-15277 - MEDIUM Severity | CVSS 6.4

Vulnerability Description

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to execute code with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating as the remote support user and sending malicious traffic to a listener who is internal to the device. A successful exploit could allow the attacker to execute commands with root privileges.

Related Vulnerabilities

CVE-2016-5572

MEDIUM

CVSS:6.4(Medium)

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CWE-2642016

CVE-2016-8353

MEDIUM

CVSS:6.4(Medium)

An issue was discovered in OSIsoft PI Web API 2015 R2 (Version 1.5.1). There is a weakness in this product that may allow an attacker to access the PI system without the proper permissions.

CWE-2642016

CVE-2014-0229

MEDIUM

CVSS:6.5(Medium)

Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownData...

CWE-2642014

CVE-2014-1889

MEDIUM

CVSS:6.5(Medium)

The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.

CWE-2642014

CVE-2014-8540

MEDIUM

CVSS:6.5(Medium)

The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improper permission checks.

CWE-2642014

CVE-2014-9503

MEDIUM

CVSS:6.5(Medium)

The Discussions sub module in the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal allows remote authenticated users with "access content" permissions to modify arbitrary nodes by leveraging impr...

CWE-2642014