Cisco IOS XE 3.5E and previous versions on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios_xe |
||
cisco ws-c3860 |
||
cisco air-ct5760 |
||
cisco ws-c3850 |