CVE-2015-4183

Name of the Vulnerable Software and Affected Versions Cisco UCS Central Software version 1.2(1a)

Description The issue allows local users to gain privileges for OS command execution via a crafted CLI parameter. This is due to the system's failure to neutralize special elements used in the OS command. Exploitation of the issue may allow an attacker to obtain privileges for executing OS commands by modifying a CLI parameter.

Recommendations For Cisco UCS Central Software version 1.2(1a), consider restricting access to the CLI to minimize the risk of exploitation until a fix is available. As a temporary workaround, avoid using crafted CLI parameters that could lead to privilege escalation. At the moment, there is no information about a newer version that contains a fix for this issue.