How severe is CVE-2019-1972?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2019-1972?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2019-1972 - MEDIUM Severity | CVSS 6.7

Vulnerability Description

A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVIS) restricted CLI could allow an authenticated, local attacker with valid administrator-level credentials to elevate privileges and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient restrictions during the execution of an affected CLI command. An attacker could exploit this vulnerability by leveraging the insufficient restrictions during the execution of an affected command. A successful exploit could allow the attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root.

Related Vulnerabilities

CVE-2014-3752

MEDIUM

CVSS:6.7(Medium)

The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and earlier allows local users with administrator rights to execute arbitrary code with SYSTEM privileges via a crafted 0x83170180 call.

CWE-2642014

CVE-2015-3321

MEDIUM

CVSS:6.7(Medium)

Services and files in Lenovo Fingerprint Manager before 8.01.42 have incorrect ACLs, which allows local users to invalidate local checks and gain privileges via standard filesystem operations.

CWE-2642015

CVE-2015-4045

MEDIUM

CVSS:6.7(Medium)

The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script.

CWE-2642015

CVE-2015-8660

MEDIUM

CVSS:6.7(Medium)

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and mo...

CWE-2642015

CVE-2016-0905

MEDIUM

CVSS:6.7(Medium)

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root privileges by leveraging admin access and entering a sudo command.

CWE-2642016

CVE-2016-0908

MEDIUM

CVSS:6.7(Medium)

EMC Isilon OneFS 7.1.x before 7.1.1.9 and 7.2.x before 7.2.1.2 allows local users to obtain root shell access by leveraging administrative privileges.

CWE-2642016