Miembros de
Boletines de Vulnerabilidades |
Cisco Firepower 9000 Command Injection at Management I/O Command-Line Interface Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the Management I/O (MIO) command-line interface (CLI) command execution of Cisco Firepower 9000 devices could allow an authenticated, local attacker to access the underlying operating system and execute commands at the root privilege level. The vulnerability is due to insufficient sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by using crafted user input to execute commands on the underlying operating system. The user has to be More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fire1?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%209000%20Command%20Injection%20at%20Management%20I/O%20Com |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-6370. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-11-18 |