Cisco Unified Communications Manager root Shell Access Local Privilege Escalation Vulnerability

A vulnerability in the local read file of the Cisco Unified Communications Manager could allow an authenticated, local attacker to execute commands and obtain an interactive Linux shell as the root user if the attacker has already obtained sensitive information from the system.

The vulnerability is due to a failure to properly sanitize user input. An attacker could exploit this vulnerability by inserting Linux shell commands into a parameter using common techniques. A successful exploit could allow the attacker to execute any command on the Linux shell as the root user, which could result in a complete system compromise.

Cisco has confirmed the vulnerability and released software updates.

To exploit this vulnerability, an attacker must authenticate and have local access to the targeted device. These access requirement decreases the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.