CVE-2016-1320

The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286.
OS Command Injection
Severity
MEDIUM
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Atk. Vector
LOCAL
Atk. Complexity
LOW
Priv. Required
HIGH
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
ciscoprime_collaboration
9.0.0
ciscoprime_collaboration
9.0.5
ciscoprime_collaboration
11.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp
https://www.tenable.com/security/research/tra-2016-38
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160209-pcp
https://www.tenable.com/security/research/tra-2016-38