Back to search
CVE-2015-0692
Published: Apr 11, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via crafted serialized objects, aka Bug ID CSCut39230.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20150410 Cisco Web Security Appliance Pickle Python Module Arbitrary Code Execution Vulnerability
vendor-advisory
x_refsource_CISCO
1032097
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now