Test Kennung:	1.3.6.1.4.1.25623.1.0.106254
Kategorie:	CISCO
Titel:	Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability
Zusammenfassung:	A vulnerability in the command-line interface (CLI) of the Cisco Unified;Computing System (UCS) Manager and UCS 6200 Series Fabric Interconnects could allow an authenticated, local;attacker to access the underlying operating system with the privileges of the root user.
Beschreibung:	Summary: A vulnerability in the command-line interface (CLI) of the Cisco Unified Computing System (UCS) Manager and UCS 6200 Series Fabric Interconnects could allow an authenticated, local attacker to access the underlying operating system with the privileges of the root user. Vulnerability Insight: The vulnerability is due to insufficient sanitization of user-supplied input at the CLI. Vulnerability Impact: An attacker could exploit this vulnerability by bypassing policy restrictions and executing commands on the underlying operating system. The user needs to log in to the device with valid user credentials to exploit this vulnerability. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6402 BugTraq ID: 92956 http://www.securityfocus.com/bid/92956 Cisco Security Advisory: 20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs http://www.securitytracker.com/id/1036831
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.