PT-2020-5218 · Cisco · Cisco Connected Mobile Experiences

Published: 2020-08-19 · Updated: 2020-09-01 · CVE-2020-3151

CVSS v3.1: 6.7 (Medium)

Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Connected Mobile Experiences (CMX) (affected versions not specified)

Description

The issue is related to insufficient security mechanisms in the restricted shell implementation of the CLI, allowing an authenticated, local attacker with administrative credentials to bypass restrictions. An attacker could exploit this by sending crafted commands to the CLI, potentially escaping the restricted shell and executing unauthorized commands with non-root user privileges. The vulnerability is also associated with errors in privilege management.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Weakness Enumeration

Related Identifiers

BDU:2020-05850
CVE-2020-3151

Affected Products

Cisco Connected Mobile Experiences