Miembros de
Boletines de Vulnerabilidades |
Cisco Collaboration Desk Experience Endpoints Command Injection Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the image upgrade facility of Cisco Collaboration DeskExperience (DX) Series endpoints could allow an authenticated, localattacker to execute commands in the context of the underlyingoperating system.The vulnerability is due to insufficientsanitization of input during the image upgrade process. An attackercould exploit this vulnerability by inserting shell commands into aparameter using common techniques.Cisco has confirmed the vulnerability in a security notice and released More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150220-CVE-2015-0584?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Collaboration%20Desk%20Experience%20Endpoints%20Command%20In |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-0584. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-10-04 |