Sign-up

ID

VAR-200710-0460


CVE

CVE-2007-5549


TITLE

Cisco IOS of Command EXEC Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2007-002798

DESCRIPTION

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. There is an unknown vulnerability in Command EXEC of isco IOS

Trust: 1.98

sources: NVD: CVE-2007-5549 // JVNDB: JVNDB-2007-002798 // BID: 85278 // VULHUB: VHN-28911

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:*

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:11.0

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.6

vendor:ciscomodel:ios 12.2 sescope: - version: -

Trust: 0.3

sources: BID: 85278 // JVNDB: JVNDB-2007-002798 // CNNVD: CNNVD-200710-377 // NVD: CVE-2007-5549

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-5549
value: LOW

Trust: 1.0

NVD: CVE-2007-5549
value: LOW

Trust: 0.8

CNNVD: CNNVD-200710-377
value: LOW

Trust: 0.6

VULHUB: VHN-28911
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2007-5549
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-28911
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28911 // JVNDB: JVNDB-2007-002798 // CNNVD: CNNVD-200710-377 // NVD: CVE-2007-5549

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-28911 // JVNDB: JVNDB-2007-002798 // NVD: CVE-2007-5549

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-200710-377

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-200710-377

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002798

PATCH
title:Top Pageurl:http://www.cisco.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002798

EXTERNAL IDS
db:NVDid:CVE-2007-5549
Trust: 2.8
db:OSVDBid:45363
Trust: 1.7
db:JVNDBid:JVNDB-2007-002798
Trust: 0.8
db:CNNVDid:CNNVD-200710-377
Trust: 0.6
db:BIDid:85278
Trust: 0.4
db:VULHUBid:VHN-28911
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28911 // 
            
            
            
            BID: 85278 // 
            
            
            
            JVNDB: JVNDB-2007-002798 // 
            
            
            
            CNNVD: CNNVD-200710-377 // 
            
            
            
            NVD: CVE-2007-5549

REFERENCES
url:http://www.irmplc.com/index.php/111-vendor-alerts
Trust: 2.0
url:http://osvdb.org/45363
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5549
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5549
Trust: 0.8
sources:
            
            
            VULHUB: VHN-28911 // 
            
            
            
            BID: 85278 // 
            
            
            
            JVNDB: JVNDB-2007-002798 // 
            
            
            
            CNNVD: CNNVD-200710-377 // 
            
            
            
            NVD: CVE-2007-5549

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85278

SOURCES
db:VULHUBid:VHN-28911
db:BIDid:85278
db:JVNDBid:JVNDB-2007-002798
db:CNNVDid:CNNVD-200710-377
db:NVDid:CVE-2007-5549

LAST UPDATE DATE
2025-04-10T23:09:41.763000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28911date:2008-11-15T00:00:00
db:BIDid:85278date:2007-10-18T00:00:00
db:JVNDBid:JVNDB-2007-002798date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200710-377date:2007-10-23T00:00:00
db:NVDid:CVE-2007-5549date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-28911date:2007-10-18T00:00:00
db:BIDid:85278date:2007-10-18T00:00:00
db:JVNDBid:JVNDB-2007-002798date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200710-377date:2007-10-18T00:00:00
db:NVDid:CVE-2007-5549date:2007-10-18T20:17:00