Cisco Bug: CSCtd72286 - Insufficient command line filtering within the upgrade command.
May 24, 2016
- Cisco IPS 4200 Series Sensors
- Cisco IPS Sensor Software Version 7.0
- Cisco Catalyst 6500 Series Intrusion Detection System (IDSM-2) Services Module
- Cisco IPS 4260 Sensor
- Cisco IPS Sensor Software Version 6.1
- Cisco IPS 4255 Sensor
- Cisco Intrusion Prevention System Network Module
- Cisco IPS 4270-20 Sensor
- Cisco ASA Advanced Inspection and Prevention Security Services Card
- Cisco IPS Sensor Software Version 6.2
Known Affected Releases
5.0(0.1) 5.0(1) 5.1(1) 6.0(1)E1 6.1(1)E1 6.2(1)E3 7.0(1)E3
Symptom: In certain situations it may be possible for an authenticated administrator of an affected device with SuperUser privileges to execute commands on the underlying operating system as root.

Conditions: An administrator that issues an upgrade command on the CLI that contains a malformed package name may be able to trigger this issue. The issue exists on devices running Cisco IPS versions 5.x, 6.x and 7.x.