CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087.

Severity	MEDIUM
CVSS	5.5
CWE	CWE-275
KEV
Published	7 years ago
Modified	1 year ago

Related Products

Product	Advisory	Evidence
Cisco Policy Suite (CPS) Software	cisco-sa-20180718-policy-suite-data	Cisco OpenVuln