Miembros de
Boletines de Vulnerabilidades |
Cisco IOS-XE 3S Platforms Series Root Shell License Bypass Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the way software packages are loaded in the Cisco IOS-XE Operating System for the Cisco IOS-XE 3S platforms could allow an authenticated, local attacker to gain restricted root shell access.The vulnerability is due to lack of proper input validation of the file names at the CLI. An attacker could exploit this vulnerability by authenticating to the affected device and crafting specific file names for use when loading packages. An exploit could allow the authenticated attacker More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-iosxe3s?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS-XE%203S%20Platforms%20Series%20Root%20Shell%20License%20Bypass |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-6383. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-12-04 |