CVSS2
Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector string | AV:L/AC:L/Au:N/C:C/I:C/A:C |

EPSS
Percentile: 5.1%

A vulnerability in one of the diagnostic commands in the Cisco IOS XE operating system for Cisco IOS XE 3S platforms could allow an authenticated, privileged, local attacker to gain restricted root shell access. The root shell is provided for advanced troubleshooting with Cisco Technical Assistance Center (TAC) engineers and requires a license.
The vulnerability occurs because the parameters to diagnostic commands at the command-line interface (CLI) are not properly validated. An attacker could exploit this vulnerability by authenticating to the affected device at privileged level 15 and providing crafted parameters to the diagnostic commands. An exploit could allow the authenticated, privileged attacker to bypass the license required for root shell access. If the authenticated user obtains root shell access, further compromise may be possible.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-iosxe3s

Vendor | Product | Version | CPE |
---|---|---|---|
cisco | cisco_ios | 3.7s | cpe:2.3:o:cisco:cisco_ios:3.7s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.8s | cpe:2.3:o:cisco:cisco_ios:3.8s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.9s | cpe:2.3:o:cisco:cisco_ios:3.9s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.10s | cpe:2.3:o:cisco:cisco_ios:3.10s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.11s | cpe:2.3:o:cisco:cisco_ios:3.11s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.12s | cpe:2.3:o:cisco:cisco_ios:3.12s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.13s | cpe:2.3:o:cisco:cisco_ios:3.13s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.14s | cpe:2.3:o:cisco:cisco_ios:3.14s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.15s | cpe:2.3:o:cisco:cisco_ios:3.15s:xe:*:*:*:*:*:* |
cisco | cisco_ios | 3.16s | cpe:2.3:o:cisco:cisco_ios:3.16s:xe:*:*:*:*:*:* |