CVE-2016-9197
Severity
6.7MEDIUM
EPSS
0.1%
top 81.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 7
Latest updateMay 17
Description
A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected Releases: 8.3(102.0).
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9
Affected Packages2 packages
▶CVEListV5cisco_mobility_express_2800_and_3800_series_wireless_lan_controllersCisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers
🔴Vulnerability Details
2GHSA▶
GHSA-w5pr-xh48-9w34: A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, lo↗2022-05-17
CVEList▶
CVE-2016-9197: A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, lo↗2017-04-07
📋Vendor Advisories
1Cisco▶
Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers Shell Bypass Vulnerability↗2017-04-05