Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7999

Overview

Vulnerability Score 7.7 7.7
CVE Id CVE-2014-7999
Last Modified 24 Dec 2014 03:17:49
Published 23 Dec 2014 07:59:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-7999

Summary

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.

Vulnerable Systems

Application

  • Cisco Meraki Mr Firmware 2014-09-24

  • Cisco Meraki Ms Firmware 2014-09-24

  • Cisco Meraki Mx Firmware 2014-09-24


References

CONFIRM - https://dashboard.meraki.com/firmware_security

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=36800


Last Updated: 27 May 2016 11:07:22