Cisco TelePresence Video Communication Server (VCS) Expressway Privilege Escalation Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in the process management code of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to run arbitrary programs with elevated privileges.The vulnerability is due to the failure to protect a supervised process. An attacker could exploit this vulnerability by completing a series of steps that ultimately allows a lower-privileged process to be restarted with root privilege. An attacker would need to crash a firestarter.py
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-vcs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20TelePresence%20Video%20Communication%20Server%20(VCS)%20Expressway%20P |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-4325. |