CVE-2015-4279

Name of the Vulnerable Software and Affected Versions Cisco Unified Computing System (UCS) version 2.2(3b)

Description The issue allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect. It exists due to the failure to neutralize special elements used in the operating system command. Exploitation of the issue may allow an attacker to elevate their privileges for executing arbitrary code through the command line interface.

Recommendations For Cisco Unified Computing System (UCS) version 2.2(3b), at the moment, there is no information about a newer version that contains a fix for this vulnerability.