CVE-2015-4186

The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID CSCug54412.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
ciscovirtualization_experience_client_6000_series_firmware
11.2\(27.4\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=39347
http://www.securityfocus.com/bid/75195
http://www.securitytracker.com/id/1032583
http://tools.cisco.com/security/center/viewAlert.x?alertId=39347
http://www.securityfocus.com/bid/75195
http://www.securitytracker.com/id/1032583