CVE-2015-4183OS Command Injection in Cisco Unified Computing System

CWE-78OS Command Injection4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.2%
top 58.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Computing System
Timeline
PublishedJun 17
Latest updateMay 17

Description

Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6x43-g9fr-c293: Cisco UCS Central Software 12022-05-17
CVEList
CVE-2015-4183: Cisco UCS Central Software 12015-06-17

📋Vendor Advisories

1
Cisco
Cisco UCS Central Software Command-Line Interface Command Injection Vulnerability2015-06-15
CVE-2015-4183 — OS Command Injection in Cisco | cvebase