PT-2016-4785 · Cisco · Cisco 8800
Published
2016-06-23
·
Updated
2016-11-30
·
CVE-2016-1435
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco 8800 phones version 11.0(1)
Description
The issue concerns improper enforcement of mounted-filesystem permissions, allowing local users with shell access to write to arbitrary files.
Recommendations
For Cisco 8800 phones version 11.0(1), consider restricting shell access to minimize the risk of exploitation until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco 8800