CVE-2015-4185

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.2

Description The issue is related to the TCL interpreter component in Cisco IOS, which has inadequate access control to certain functions. This allows a local attacker to escalate privileges by executing a TCL script, potentially gaining level 15 privileges and allowing the execution of privileged commands. The vulnerability is due to an error when resetting vty privileges after running a TCL script. An attacker could exploit this by establishing a session with the affected device immediately after a TCL script has been run, requiring valid credentials and successful authentication to the device.

Recommendations For Cisco IOS version 15.2, update to a newer version that includes the fix for this issue, as confirmed by Cisco. As a temporary workaround, consider restricting access to the TCL script interpreter until a patch is available. Avoid establishing sessions with the device immediately after a TCL script has been run to minimize the risk of exploitation.