The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID CSCug54412.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=39347 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/75195 - | |
References | () http://www.securitytracker.com/id/1032583 - |
Information
Published : 2015-06-17 10:59
Updated : 2024-11-21 02:30
NVD link : CVE-2015-4186
Mitre link : CVE-2015-4186
CVE.ORG link : CVE-2015-4186
JSON object : View
Products Affected
cisco
- virtualization_experience_client_6000_series_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')