CVE-2015-6385

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.5(2)S through 15.5(3)S

Description The issue allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables.

Recommendations For Cisco IOS versions 15.5(2)S through 15.5(3)S, consider restricting administrative access to prevent exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.