Cisco Application Policy Infrastructure Controller Privilege Escalation SSH Key Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in SSH key handling for user accounts in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to elevate privileges.The vulnerability is due to improper validation of SSH keys local users add their accounts. An attacker could exploit this vulnerability by authenticating to the device and adding an SSH key to the attackers local account. An exploit could allow the attacker to elevate privileges on the local shell and perform
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Privilege%20Esca |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-6333. |