Cisco Bug: CSCul53128 - UCS Central Local Privilege Escalation Via Copy Command
Aug 06, 2018
- Cisco UCS Central Software
- Cisco UCS Central 1.x
Known Affected Releases
Symptom: A vulnerability in the local-mgmt context within the Cisco Unified Computing System Central could allow an authenticated, local attacker to gain shell level access to the affected device. The vulnerability is due to improper input validation in the copy command. An attacker could exploit this vulnerability by sending a specially crafted command within the command line interface . Conditions: Device running affected version of software with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases