Wednesday, October 26, 2016

Cisco IP Interoperability and Collaboration System Command-Line Interface Privilege Escalation Vulnerability

A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by entering specific, crafted command input.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://ift.tt/2eFQyRQ A vulnerability in the command-line interface of the Cisco IP Interoperability and Collaboration System (IPICS) could allow an authenticated, local attacker to elevate the privilege level associated with their session.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by entering specific, crafted command input.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://ift.tt/2eFQyRQ
Security Impact Rating: Medium
CVE: CVE-2016-6430

from Cisco Security Advisory http://ift.tt/2eFQyRQ

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.