CVE-2013-5533
MEDIUM severity · CVSS 6 · Improper input validation
6CVSS MEDIUM
Summary
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
Impact & exploitability
Attack vectorLocal
Attack complexityHigh
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)0%
AV:L/AC:H/Au:S/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.