CVE-2016-6414

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.
Configurations

Configuration 1 (hide)

cpe:2.3:o:cisco:ios:15.6\(1\)t1:*:*:*:*:*:*:*

History

21 Nov 2024, 02:56

Type Values Removed Values Added
References () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-iox - Vendor Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-iox - Vendor Advisory
References () http://www.securityfocus.com/bid/93091 - () http://www.securityfocus.com/bid/93091 -
References () http://www.securitytracker.com/id/1036876 - () http://www.securitytracker.com/id/1036876 -

Information

Published : 2016-09-22 22:59

Updated : 2024-11-21 02:56


NVD link : CVE-2016-6414

Mitre link : CVE-2016-6414

CVE.ORG link : CVE-2016-6414


JSON object : View

Products Affected

cisco

  • ios
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')