Lucene search
CiscoCVELIST:CVE-2018-15371HistoryOct 05, 2018 - 2:00 p.m.
CVE-2018-15371 Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability
2018-10-0514:00:00
CWE-284
cisco
www.cve.org
5
A vulnerability in the shell access request mechanism of Cisco IOS XE Software could allow an authenticated, local attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by requesting access to the root shell of an affected device, after the shell access feature has been enabled. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
CNA Affected
[
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]Related
nessus
nessus
prion
prion
Authentication flaw
2018-10-05 14:29:00
cve
cve
CVE-2018-15371
2018-10-05 14:29:06
nvd
nvd
CVE-2018-15371
2018-10-05 14:29:06
cisco
cisco
Cisco IOS XE Software Shell Access Authentication Bypass Vulnerability
2018-09-26 16:00:00