PT-2017-9993 · Cisco · Cisco Mobility Express 2800/3800 Series Wireless Lan Controllers

Publicado

2017-04-07

Atualizado

2017-04-13

CVE-2016-9197

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers version 8.3(102.0)

Description A vulnerability in the CLI command parser could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges.

Recommendations For version 8.3(102.0), at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2016-9197

Produtos afetados

Cisco Mobility Express 2800/3800 Series Wireless Lan Controllers

PT-2017-9993 · Cisco · Cisco Mobility Express 2800/3800 Series Wireless Lan Controllers

CVE-2016-9197

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4