CVE-2018-0115

Name of the Vulnerable Software and Affected Versions: Cisco StarOS (affected versions not specified)

Description: A vulnerability in the CLI of the Cisco StarOS operating system could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. The issue is due to insufficient validation of user-supplied input, which could be exploited by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. The attacker would need to authenticate to the affected system using valid administrator credentials.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.