CVE-2014-7995 — HIGH (7.2) — White Hats Nepal

Q: How severe is CVE-2014-7995?

CVE-2014-7995 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-7995?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Meraki Mx Firmware, Cisco Meraki Mx, Cisco Meraki Ms Firmware, Cisco Meraki Ms, Cisco Meraki Mr Firmware.

Vulnerability Description

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Meraki Mx Firmware	<= 2014-09-24
Cisco	Meraki Mx	-
Cisco	Meraki Ms Firmware	<= 2014-09-24
Cisco	Meraki Ms	-
Cisco	Meraki Mr Firmware	<= 2014-09-24
Cisco	Meraki Mr	-

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2014-7995?

CVE-2014-7995 is a vulnerability with a CVSS score of 7.2 (HIGH). Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka ...

How severe is CVE-2014-7995?

CVE-2014-7995 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-7995?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Meraki Mx Firmware, Cisco Meraki Mx, Cisco Meraki Ms Firmware, Cisco Meraki Ms, Cisco Meraki Mr Firmware.