QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12255

Back to search

CVE-2017-12255

Published: Sep 21, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this vulnerability by entering a specific command with crafted arguments. An exploit could allow the attacker to gain shell access to the underlying system. Cisco Bug IDs: CSCve70762.

VendorProductVersions

n/a

Cisco UCS Central Software

affected
Cisco UCS Central Software

Weaknesses (CWE)

CWE-20

References

100932
vdb-entry
x_refsource_BID
1039412
vdb-entry
x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now