CVE-2016-6402Cisco Unified Computing System vulnerability

CWE-2645 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 75.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Computing System
Timeline
PublishedSep 18
Latest updateMay 17

Description

UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDcisco/unified_computing_system28 versions+27

🔴Vulnerability Details

2
GHSA
GHSA-3mqx-q3cf-pfj3: UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 32022-05-17
CVEList
CVE-2016-6402: UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 32016-09-18

💥Exploits & PoCs

1
Exploit-DB
Cisco EPC 3928 - Multiple Vulnerabilities2016-06-07

📋Vendor Advisories

1
Cisco
Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability2016-09-14
CVE-2016-6402 — Cisco vulnerability | cvebase