Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in the way software packages are loaded in Cisco IOS XE Software for the Cisco Aggregation Services Routers (ASR) 1000 Series could allow an authenticated, local attacker to gain restricted root shell access.The vulnerability is due to lack of proper input validation of file names at the command-line interface (CLI). An attacker could exploit this vulnerability by authenticating to the affected device and crafting specific file names for use when loading packages. An exploit
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-asa?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ASR%201000%20Series%20Root%20Shell%20License%20Bypass%20Vulnerability& |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-6383. |