Guest

Preview Tool

Cisco Bug: CSCul53128 - UCS Central Local Privilege Escalation Via Copy Command

Last Modified

Aug 06, 2018

Products (2)

  • Cisco UCS Central Software
  • Cisco UCS Central 1.x

Known Affected Releases

1.1(1a)

Description (partial)

Symptom:
A vulnerability in the local-mgmt context within the Cisco Unified Computing System Central could allow an authenticated, local attacker to gain
shell level access to the affected device.

The vulnerability is due to improper input validation in the copy command. An attacker could exploit this vulnerability by sending a specially
crafted command within the command line interface .

Conditions:
Device running affected version of software with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.