Cisco Bug: CSCvu34342 - ENH: DNA Spaces Connector allows bypassing of the Restrictive Shell Escape
Jun 16, 2020
- Cisco DNA Spaces
Known Affected Releases
Symptom: DNA Spaces Connector version 2.0.238 allow users to bypass the default restrictive shell allowing access to the rbash shell. For example, customer is able to copy the regular bash program located in the /bin directory to their working directory in /home/cmxadmin/bin, which allowed the customer to run the bash program like normal. Conditions: DNA Spaces Connector version 2.0.238.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases