Home
MEDIUM: 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:NDefault status
unknown
12.5(1a)
affected
12.5(1)SU1
affected
12.5(1)
affected
12.5(1)SU2
affected
12.5(1)SU3
affected
12.5(1)SU4
affected
14
affected
12.5(1)SU5
affected
14SU1
affected
12.5(1)SU6
affected
14SU2
affected
12.5(1)SU7
affected
14SU3
affected
12.5(1)SU8
affected
12.5(1)SU8a
affected
12.5(1)SU8b
affected
14SU3a
affected
15
affected
15SU1
affected
15SU1a
affected
14SU4
affected
12.5(1)SU9
affected
Default status
unknown
11.0(1)ES_Rollback
affected
10.5(1)ES4
affected
11.6(1)ES3
affected
11.0(1)ES2
affected
12.0(1)ES2
affected
10.5(1)ES3
affected
11.0(1)
affected
11.6(1)FIPS
affected
11.6(1)ES4
affected
11.0(1)ES3
affected
10.5(1)ES6
affected
11.0(1)ES7
affected
11.5(1)ES4
affected
10.5(1)ES8
affected
11.5(1)
affected
11.6(1)
affected
10.5(1)ES10
affected
11.6(1)ES2
affected
11.6(1)ES
affected
11.0(1)ES6
affected
11.0(1)ES4
affected
12.0(1)
affected
11.6(1)ES7
affected
10.5(1)ES7
affected
11.6(1)ES8
affected
11.5(1)ES1
affected
11.6(1)ES1
affected
11.5(1)ES5
affected
11.0(1)ES1
affected
10.5(1)
affected
11.6(1)ES6
affected
10.5(1)ES2
affected
12.0(1)ES1
affected
11.0(1)ES5
affected
10.5(1)ES5
affected
11.5(1)ES3
affected
11.5(1)ES2
affected
10.5(1)ES9
affected
11.6(1)ES5
affected
11.6(1)ES9
affected
11.5(1)ES6
affected
10.5(1)ES1
affected
12.5(1)
affected
12.0(1)ES3
affected
11.6(1)ES10
affected
12.5(1)ES1
affected
12.5(1)ES2
affected
12.0(1)ES4
affected
12.5(1)ES3
affected
12.0(1)ES5
affected
12.5(1)ES4
affected
12.0(1)ES6
affected
12.5(1)ES5
affected
12.5(1)ES6
affected
12.0(1)ES7
affected
12.6(1)
affected
12.5(1)ES7
affected
11.6(1)ES11
affected
12.6(1)ES1
affected
12.0(1)ES8
affected
12.5(1)ES8
affected
12.6(1)ES2
affected
12.6(1)ES3
affected
12.6(1)ES4
affected
12.6(1)ES5
affected
12.5(2)
affected
12.5(1)_SU
affected
12.5(1)SU
affected
12.6(1)ES6
affected
12.5(1)SU ES1
affected
12.6(1)ES7
affected
12.6(1)ES7_ET
affected
12.6(2)
affected
12.6(1)ES8
affected
12.6(1)ES9
affected
12.6(2)ES1
affected
12.6(1)ES10
affected
12.5(1)SU ES2
affected
12.6(1)ES11
affected
12.6(2)ES2
affected
12.6(2)ES3
affected
12.5(1)SU ES3
affected
12.6(2)ES4
affected
12.6(2)ES6
affected
Default status
unknown
11.5(1)
affected
11.0(1a)
affected
11.5(1)SU1
affected
10.5(3)
affected
12.6(1)
affected
11.0(1)
affected
11.6(2)
affected
12.1(1)
affected
12.0(1a)
affected
11.5(3)
affected
10.5(1)
affected
12.5(1)
affected
11.5(2)
affected
11.6(1)
affected
10.5(2)
affected
10.5(3)SU1
affected
14
affected
14SU1
affected
14SU2
affected
14SU3
affected
15
affected
15SU1
affected
14SU4
affected
Default status
unknown
12.5(1)ES01
affected
10.5(1)
affected
11.6(1)
affected
10.6(1)
affected
12.0(1)ES04
affected
10.6(2)
affected
12.5(1)
affected
11.6(2)
affected
12.0(1)
affected
12.0(1)ES02
affected
11.0(1)
affected
11.5(1)
affected
11.5(1)SU1
affected
12.0(1)ES03
affected
12.5(1)SU3
affected
12.5(1)SU1
affected
12.5(1)SU2
affected
Default status
unknown
12.5(1)SU2
affected
12.5(1)SU1
affected
12.5(1)
affected
12.5(1)SU3
affected
12.5(1)SU4
affected
14
affected
12.5(1)SU5
affected
14SU1
affected
12.5(1)SU6
affected
14SU2
affected
12.5(1)SU7
affected
12.5(1)SU7a
affected
14SU3
affected
12.5(1)SU8
affected
12.5(1)SU8a
affected
15
affected
15SU1
affected
14SU4
affected
14SU4a
affected
15SU1a
affected
12.5(1)SU9
affected
Default status
unknown
12.5(1)
affected
12.5(1)SU1
affected
12.5(1)SU2
affected
12.5(1)SU3
affected
12.5(1)SU4
affected
14
affected
12.5(1)SU5
affected
14SU1
affected
12.5(1)SU6
affected
14SU2
affected
14SU2a
affected
12.5(1)SU7
affected
14SU3
affected
12.5(1)SU8
affected
15
affected
15SU1
affected
14SU4
affected
12.5(1)SU9
affected
Default status
unknown
10.5(1)SU1
affected
10.6(1)
affected
11.6(1)
affected
10.6(1)SU1
affected
10.6(1)SU3
affected
11.6(2)
affected
12.0(1)
affected
10.0(1)SU1
affected
11.0(1)SU1
affected
11.5(1)SU1
affected
10.5(1)
affected
12.5(1)
affected
12.5(1)SU1
affected
12.5(1)SU2
affected
12.5(1)SU3
affected
12.5(1)_SU03_ES01
affected
12.5(1)_SU03_ES02
affected
12.5(1)_SU02_ES03
affected
12.5(1)_SU02_ES04
affected
12.5(1)_SU02_ES02
affected
12.5(1)_SU01_ES02
affected
12.5(1)_SU01_ES03
affected
12.5(1)_SU02_ES01
affected
11.6(2)ES07
affected
11.6(2)ES08
affected
12.5(1)_SU01_ES01
affected
12.0(1)ES04
affected
12.5(1)ES02
affected
12.5(1)ES03
affected
11.6(2)ES06
affected
12.5(1)ES01
affected
12.0(1)ES03
affected
12.0(1)ES01
affected
11.6(2)ES05
affected
12.0(1)ES02
affected
11.6(2)ES04
affected
11.6(2)ES03
affected
11.6(2)ES02
affected
11.6(2)ES01
affected
10.6(1)SU3ES03
affected
11.0(1)SU1ES03
affected
10.6(1)SU3ES01
affected
10.5(1)SU1ES10
affected
10.0(1)SU1ES04
affected
11.5(1)SU1ES03
affected
11.6(1)ES02
affected
11.5(1)ES01
affected
9.0(2)SU3ES04
affected
10.6(1)SU2
affected
10.6(1)SU2ES04
affected
11.6(1)ES01
affected
10.6(1)SU3ES02
affected
11.5(1)SU1ES02
affected
11.5(1)SU1ES01
affected
8.5(1)SU4ES09
affected
8.5(1)
affected
11.0(1)SU1ES02
affected
12.5(1)_SU03_ES03
affected
12.5(1)_SU03_ES04
affected
12.5(1)_SU03_ES05
affected
12.5(1)_SU03_ES06
affected
Default status
unknown
11.6(1)
affected
10.5(1)
affected
11.0(1)
affected
11.5(1)
affected
12.0(1)
affected
12.5(1)
affected
11.0(2)
affected
12.6(1)
affected
12.5(1)SU
affected
12.6(1)_ET
affected
12.6(1)_ES05_ET
affected
11.0(3)
affected
12.6(2)
affected
12.6(2)_504_Issue_ET
affected
12.6.1_ExcelIssue_ET
affected
12.6(2)_Permalink_ET
affected
12.6.2_CSCwk19536_ET
affected
12.6.2_CSCwm96922_ET
affected
12.6.2_Amq_OOS_ET
affected
12.5(2)ET_CSCwi79933
affected
12.6(2)_ET
affected
12.6.2_CSCwn48501_ET
affected
Default status
unknown
12.5(1)
affected
12.5(1)SU1
affected
12.5(1)SU2
affected
12.5(1)SU3
affected
12.5(1)SU4
affected
14
affected
12.5(1)SU5
affected
14SU1
affected
12.5(1)SU6
affected
14SU2
affected
12.5(1)SU7
affected
14SU3
affected
12.5(1)SU8
affected
14SU3a
affected
12.5(1)SU8a
affected
15
affected
15SU1
affected
14SU4
affected
12.5(1)SU9
affected
Default status
unknown
11.0(1)
affected
11.6(1)_ES84
affected
11.5(1)_ES54
affected
11.5(1)_ES27
affected
11.5(1)
affected
11.5(1)ES36
affected
12.0(1)_ES01
affected
11.6(1)_ES85
affected
12.5(1)_ES05
affected
11.5(1)_ES32
affected
11.6(1)_ES83
affected
11.5(1)_ES29
affected
12.0(1)_ES06
affected
12.5(1)
affected
12.0(1)_ES07
affected
11.6(1)_ES80
affected
12.0(1)_ES05
affected
11.5(1)_ES36
affected
11.5(1)_ES53
affected
12.5(1)_ES08
affected
11.5(1)ES43
affected
12.0(1)_ES03
affected
11.6(1)_ES86
affected
12.0(1)_ES04
affected
11.5(1)ES27
affected
12.5(1)_ES03
affected
11.6(1)_ES88
affected
12.5(1)_ES06
affected
11.6(1)_ES82
affected
11.6(1)
affected
11.5(1)ES29
affected
12.5(1)_ES04
affected
12.5(1)_ES07
affected
11.6(1)_ES87
affected
11.6(1)_ES81
affected
12.0(1)
affected
11.6(1)_ES22
affected
11.5(1)_ES43
affected
11.5(1)ES32
affected
12.0(1)_ES02
affected
12.5(1)_ES02
affected
12.6(1)
affected
12.5(1)_ES09
affected
12.6(1)_ES01
affected
12.0(1)_ES08
affected
12.5(1)_ES10
affected
12.6(1)_ES02
affected
12.5(1)_ES11
affected
12.5(1)_ES12
affected
12.6(1)_ES03
affected
12.5(1)_ES13
affected
12.5(1)_ES14
affected
12.6(1)_ES04
affected
12.6(1)_ES05
affected
12.5(1)_ES15
affected
12.6(1)_ES06
affected
12.6(1)_ET
affected
12.5(1)_ES16
affected
12.5(1)SU
affected
12.5(1)_SU
affected
12.5(1)_SU_ES01
affected
12.6(1)_ES07
affected
12.6(2)
affected
12.5(1)_ES17
affected
12.6(1)_ES08
affected
12.6(1)_ES09
affected
12.6(1)_ES10
affected
12.5(1)_SU_ES02
affected
12.6(2)_ES01
affected
12.6(2)_ET01
affected
12.5(2)_ET
affected
12.6(2)_ES02
affected
12.6(2)_ET_Streaming
affected
12.6(2)ET_Transcribe
affected
12.6(2)_ES03
affected
12.6(2)ET_NuanceMix
affected
12.6(2)ET_FileUpload
affected
12.6(2)_ET02
affected
12.6(2)_ES04
affected
12.6.2ET_RTPfallback
affected
12.6.2ET_CSCwf55306
affected
12.6.2_ET_CSCwj36712
affected
12.5.2 ET-CSCwj33374
affected
12.5(1) SU ET
affected
12.6(2)ET_CSCwj87296
affected
12.6(2)_ES05
affected
12.5.2_ET_CSCvz27014
affected
12.6(2)_ET
affected
12.6.2-ET
affected
12.6(2)ET_CSCwk83135
affected
12.6.2_ET_CX_ALAW
affected
12.6.2-ET01-SSL
affected
12.6(2)_ES06
affected
Description
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
Problem types
Product status
12.5(1a)
12.5(1)SU1
12.5(1)
12.5(1)SU2
12.5(1)SU3
12.5(1)SU4
14
12.5(1)SU5
14SU1
12.5(1)SU6
14SU2
12.5(1)SU7
14SU3
12.5(1)SU8
12.5(1)SU8a
12.5(1)SU8b
14SU3a
15
15SU1
15SU1a
14SU4
12.5(1)SU9
11.0(1)ES_Rollback
10.5(1)ES4
11.6(1)ES3
11.0(1)ES2
12.0(1)ES2
10.5(1)ES3
11.0(1)
11.6(1)FIPS
11.6(1)ES4
11.0(1)ES3
10.5(1)ES6
11.0(1)ES7
11.5(1)ES4
10.5(1)ES8
11.5(1)
11.6(1)
10.5(1)ES10
11.6(1)ES2
11.6(1)ES
11.0(1)ES6
11.0(1)ES4
12.0(1)
11.6(1)ES7
10.5(1)ES7
11.6(1)ES8
11.5(1)ES1
11.6(1)ES1
11.5(1)ES5
11.0(1)ES1
10.5(1)
11.6(1)ES6
10.5(1)ES2
12.0(1)ES1
11.0(1)ES5
10.5(1)ES5
11.5(1)ES3
11.5(1)ES2
10.5(1)ES9
11.6(1)ES5
11.6(1)ES9
11.5(1)ES6
10.5(1)ES1
12.5(1)
12.0(1)ES3
11.6(1)ES10
12.5(1)ES1
12.5(1)ES2
12.0(1)ES4
12.5(1)ES3
12.0(1)ES5
12.5(1)ES4
12.0(1)ES6
12.5(1)ES5
12.5(1)ES6
12.0(1)ES7
12.6(1)
12.5(1)ES7
11.6(1)ES11
12.6(1)ES1
12.0(1)ES8
12.5(1)ES8
12.6(1)ES2
12.6(1)ES3
12.6(1)ES4
12.6(1)ES5
12.5(2)
12.5(1)_SU
12.5(1)SU
12.6(1)ES6
12.5(1)SU ES1
12.6(1)ES7
12.6(1)ES7_ET
12.6(2)
12.6(1)ES8
12.6(1)ES9
12.6(2)ES1
12.6(1)ES10
12.5(1)SU ES2
12.6(1)ES11
12.6(2)ES2
12.6(2)ES3
12.5(1)SU ES3
12.6(2)ES4
12.6(2)ES6
11.5(1)
11.0(1a)
11.5(1)SU1
10.5(3)
12.6(1)
11.0(1)
11.6(2)
12.1(1)
12.0(1a)
11.5(3)
10.5(1)
12.5(1)
11.5(2)
11.6(1)
10.5(2)
10.5(3)SU1
14
14SU1
14SU2
14SU3
15
15SU1
14SU4
12.5(1)ES01
10.5(1)
11.6(1)
10.6(1)
12.0(1)ES04
10.6(2)
12.5(1)
11.6(2)
12.0(1)
12.0(1)ES02
11.0(1)
11.5(1)
11.5(1)SU1
12.0(1)ES03
12.5(1)SU3
12.5(1)SU1
12.5(1)SU2
12.5(1)SU2
12.5(1)SU1
12.5(1)
12.5(1)SU3
12.5(1)SU4
14
12.5(1)SU5
14SU1
12.5(1)SU6
14SU2
12.5(1)SU7
12.5(1)SU7a
14SU3
12.5(1)SU8
12.5(1)SU8a
15
15SU1
14SU4
14SU4a
15SU1a
12.5(1)SU9
12.5(1)
12.5(1)SU1
12.5(1)SU2
12.5(1)SU3
12.5(1)SU4
14
12.5(1)SU5
14SU1
12.5(1)SU6
14SU2
14SU2a
12.5(1)SU7
14SU3
12.5(1)SU8
15
15SU1
14SU4
12.5(1)SU9
10.5(1)SU1
10.6(1)
11.6(1)
10.6(1)SU1
10.6(1)SU3
11.6(2)
12.0(1)
10.0(1)SU1
11.0(1)SU1
11.5(1)SU1
10.5(1)
12.5(1)
12.5(1)SU1
12.5(1)SU2
12.5(1)SU3
12.5(1)_SU03_ES01
12.5(1)_SU03_ES02
12.5(1)_SU02_ES03
12.5(1)_SU02_ES04
12.5(1)_SU02_ES02
12.5(1)_SU01_ES02
12.5(1)_SU01_ES03
12.5(1)_SU02_ES01
11.6(2)ES07
11.6(2)ES08
12.5(1)_SU01_ES01
12.0(1)ES04
12.5(1)ES02
12.5(1)ES03
11.6(2)ES06
12.5(1)ES01
12.0(1)ES03
12.0(1)ES01
11.6(2)ES05
12.0(1)ES02
11.6(2)ES04
11.6(2)ES03
11.6(2)ES02
11.6(2)ES01
10.6(1)SU3ES03
11.0(1)SU1ES03
10.6(1)SU3ES01
10.5(1)SU1ES10
10.0(1)SU1ES04
11.5(1)SU1ES03
11.6(1)ES02
11.5(1)ES01
9.0(2)SU3ES04
10.6(1)SU2
10.6(1)SU2ES04
11.6(1)ES01
10.6(1)SU3ES02
11.5(1)SU1ES02
11.5(1)SU1ES01
8.5(1)SU4ES09
8.5(1)
11.0(1)SU1ES02
12.5(1)_SU03_ES03
12.5(1)_SU03_ES04
12.5(1)_SU03_ES05
12.5(1)_SU03_ES06
11.6(1)
10.5(1)
11.0(1)
11.5(1)
12.0(1)
12.5(1)
11.0(2)
12.6(1)
12.5(1)SU
12.6(1)_ET
12.6(1)_ES05_ET
11.0(3)
12.6(2)
12.6(2)_504_Issue_ET
12.6.1_ExcelIssue_ET
12.6(2)_Permalink_ET
12.6.2_CSCwk19536_ET
12.6.2_CSCwm96922_ET
12.6.2_Amq_OOS_ET
12.5(2)ET_CSCwi79933
12.6(2)_ET
12.6.2_CSCwn48501_ET
12.5(1)
12.5(1)SU1
12.5(1)SU2
12.5(1)SU3
12.5(1)SU4
14
12.5(1)SU5
14SU1
12.5(1)SU6
14SU2
12.5(1)SU7
14SU3
12.5(1)SU8
14SU3a
12.5(1)SU8a
15
15SU1
14SU4
12.5(1)SU9
11.0(1)
11.6(1)_ES84
11.5(1)_ES54
11.5(1)_ES27
11.5(1)
11.5(1)ES36
12.0(1)_ES01
11.6(1)_ES85
12.5(1)_ES05
11.5(1)_ES32
11.6(1)_ES83
11.5(1)_ES29
12.0(1)_ES06
12.5(1)
12.0(1)_ES07
11.6(1)_ES80
12.0(1)_ES05
11.5(1)_ES36
11.5(1)_ES53
12.5(1)_ES08
11.5(1)ES43
12.0(1)_ES03
11.6(1)_ES86
12.0(1)_ES04
11.5(1)ES27
12.5(1)_ES03
11.6(1)_ES88
12.5(1)_ES06
11.6(1)_ES82
11.6(1)
11.5(1)ES29
12.5(1)_ES04
12.5(1)_ES07
11.6(1)_ES87
11.6(1)_ES81
12.0(1)
11.6(1)_ES22
11.5(1)_ES43
11.5(1)ES32
12.0(1)_ES02
12.5(1)_ES02
12.6(1)
12.5(1)_ES09
12.6(1)_ES01
12.0(1)_ES08
12.5(1)_ES10
12.6(1)_ES02
12.5(1)_ES11
12.5(1)_ES12
12.6(1)_ES03
12.5(1)_ES13
12.5(1)_ES14
12.6(1)_ES04
12.6(1)_ES05
12.5(1)_ES15
12.6(1)_ES06
12.6(1)_ET
12.5(1)_ES16
12.5(1)SU
12.5(1)_SU
12.5(1)_SU_ES01
12.6(1)_ES07
12.6(2)
12.5(1)_ES17
12.6(1)_ES08
12.6(1)_ES09
12.6(1)_ES10
12.5(1)_SU_ES02
12.6(2)_ES01
12.6(2)_ET01
12.5(2)_ET
12.6(2)_ES02
12.6(2)_ET_Streaming
12.6(2)ET_Transcribe
12.6(2)_ES03
12.6(2)ET_NuanceMix
12.6(2)ET_FileUpload
12.6(2)_ET02
12.6(2)_ES04
12.6.2ET_RTPfallback
12.6.2ET_CSCwf55306
12.6.2_ET_CSCwj36712
12.5.2 ET-CSCwj33374
12.5(1) SU ET
12.6(2)ET_CSCwj87296
12.6(2)_ES05
12.5.2_ET_CSCvz27014
12.6(2)_ET
12.6.2-ET
12.6(2)ET_CSCwk83135
12.6.2_ET_CX_ALAW
12.6.2-ET01-SSL
12.6(2)_ES06
References
sec.cloudapps.cisco.com/...tyAdvisory/cisco-sa-cucm-kkhZbHR5 (cisco-sa-cucm-kkhZbHR5)