Preview Tool

Cisco Bug: CSCtd32357 - Command Injection Vulnerability in CIMC CLI

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Unified Computing System

Known Affected Releases


Description (partial)

A vulnerability exists which could allow an authenticated, local attacker to inject shell commands. A successful exploit would allow an attacker to gain 
elevated privileges on the underlying operating system.

Devices running affected versions of UCS are vulnerable.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.