CVE-2007-5549

Cisco IOS - Exposure of Sensitive Information via Command EXEC Bypass

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://www.irmplc.com/index.php/111-Vendor-Alerts
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/45363

Scores

EPSS 0.0037
EPSS Percentile 29.5%

Details

CWE
CWE-200
Status published
Products (1)
cisco/ios
Published Oct 18, 2007
Tracked Since Feb 18, 2026