CVE-2016-6402

UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
VendorProductVersion
ciscounified_computing_system
2.2\(1b\)
ciscounified_computing_system
2.2\(1c\)
ciscounified_computing_system
2.2\(1d\)
ciscounified_computing_system
2.2\(1e\)
ciscounified_computing_system
2.2\(1f\)
ciscounified_computing_system
2.2\(1g\)
ciscounified_computing_system
2.2\(1h\)
ciscounified_computing_system
2.2\(2c\)
ciscounified_computing_system
2.2\(2c\)a
ciscounified_computing_system
2.2\(2d\)
ciscounified_computing_system
2.2\(2e\)
ciscounified_computing_system
2.2\(3a\)
ciscounified_computing_system
2.2\(3b\)
ciscounified_computing_system
2.2\(3c\)
ciscounified_computing_system
2.2\(3d\)
ciscounified_computing_system
2.2\(3e\)
ciscounified_computing_system
2.2\(3f\)
ciscounified_computing_system
2.2\(3g\)
ciscounified_computing_system
2.2\(4b\)
ciscounified_computing_system
2.2\(4c\)
ciscounified_computing_system
2.2\(5a\)
ciscounified_computing_system
2.2\(5b\)a
ciscounified_computing_system
2.2_base:_base
ciscounified_computing_system
3.0\(1c\)
ciscounified_computing_system
3.0\(1d\)
ciscounified_computing_system
3.0\(1e\)
ciscounified_computing_system
3.0\(2c\)
ciscounified_computing_system
3.0\(2d\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs
http://www.securityfocus.com/bid/92956
http://www.securitytracker.com/id/1036831
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs
http://www.securityfocus.com/bid/92956
http://www.securitytracker.com/id/1036831