QwikSec

Security Database

CVE

CWE

Training

CVE-2015-6385

Published: Dec 1, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20151130 Cisco Cloud Services Router 1000V Command Injection Vulnerability

vendor-advisory

x_refsource_CISCO

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.