Back to search
CVE-2015-0693
Published: Apr 15, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafted pickle file, aka Bug ID CSCut39259.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1032097
vdb-entry
x_refsource_SECTRACK
20150413 Cisco Web Security Appliance Python File Processing Privilege Escalation Vulnerability
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now