CVE-2015-6298

Name of the Vulnerable Software and Affected Versions Cisco AsyncOS versions 8.0.0 through 8.0.7, Cisco AsyncOS versions 8.1.x, Cisco AsyncOS versions 8.5.0 through 8.5.2, Cisco AsyncOS versions 8.6.x, Cisco AsyncOS versions 8.7.0 through 8.7.0-170, Cisco AsyncOS versions 8.8.0 through 8.8.0-084

Description The issue allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments.

Recommendations For Cisco AsyncOS version 8.0.x, update to version 8.0.8-113 or later. For Cisco AsyncOS version 8.1.x, update to a version after 8.1.x. For Cisco AsyncOS version 8.5.x, update to version 8.5.3-051 or later. For Cisco AsyncOS version 8.6.x, update to a version after 8.6.x. For Cisco AsyncOS version 8.7.x, update to version 8.7.0-171-LD or later. For Cisco AsyncOS version 8.8.x, update to version 8.8.0-085 or later.