CVE-2015-4244

high Cisco
CVSS v3 Base Score
7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
0.2%
Exploitation probability in 30 days
Top 61% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: July 10, 2015 (3961 days ago)
Last Modified: May 6, 2026
Vendor: Cisco
Source: NVD

Description

The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to execute arbitrary Linux commands by leveraging administrative privileges for storage of these commands in a Compact Flash (CF) file, aka Bug ID CSCuu75278.

CWE

CWE-78

Affected Products

cisco asr 5000 series software

References

🔗 tools.cisco.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securitytracker.com