7.1
CVE-2009-0637
- EPSS 1.28%
- Published 27.03.2009 16:30:02
- Last modified 09.04.2025 00:30:58
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Data is provided by the National Vulnerability Database (NVD)
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.28% | 0.788 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 3.9 | 10 |
AV:N/AC:H/Au:S/C:C/I:C/A:C
|