Home
MEDIUM: 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HDefault status
unknown
2.3.1.99
affected
2.3.1.56
affected
2.3.1.110
affected
2.3.1.58
affected
2.6.1.174
affected
2.6.1.157
affected
2.3.1.91
affected
2.3.1.73
affected
2.3.1.66
affected
2.6.1.166
affected
2.3.1.111
affected
2.3.1.166
affected
2.3.1.144
affected
2.6.1.131
affected
2.3.1.130
affected
2.3.1.88
affected
2.6.1.169
affected
2.3.1.75
affected
2.3.1.93
affected
2.3.1.145
affected
2.3.1.155
affected
2.6.1.187
affected
2.3.1.173
affected
2.3.1.179
affected
2.6.1.192
affected
2.3.1.180
affected
2.6.1.204
affected
2.6.1.214
affected
2.3.1.190
affected
2.6.1.224
affected
2.6.1.229
affected
2.3.1.215
affected
2.10.1.159
affected
2.3.1.216
affected
2.6.1.230
affected
2.10.1.166
affected
2.6.1.238
affected
2.6.1.239
affected
2.11.1.154
affected
2.10.1.179
affected
2.3.1.219
affected
2.6.1.254
affected
2.12.0.31
affected
2.12.0.432
affected
2.10.1.207
affected
2.3.1.230
affected
2.6.1.259
affected
2.11.1.182
affected
2.12.0.450
affected
2.10.1.234
affected
2.13.0.198
affected
2.12.0.467
affected
2.13.0.212
affected
2.6.1.264
affected
2.10.1.245
affected
2.11.1.200
affected
2.12.0.498
affected
2.10.1.271
affected
2.12.1.29
affected
2.13.0.243
affected
2.11.1.205
affected
2.6.1.265
affected
2.12.1.48
affected
2.14.1.131
affected
2.13.0.276
affected
2.11.1.228
affected
2.12.1.72
affected
2.10.1.312
affected
2.6.1.272
affected
2.14.1.143
affected
2.14.1.163
affected
2.14.1.167
affected
2.12.1.84
affected
2.16.0.128
affected
2.10.1.328
affected
2.10.1.341
affected
2.11.1.236
affected
2.12.1.95
affected
2.13.0.357
affected
2.16.0.136
affected
2.14.1.186
affected
2.17.0.518
affected
2.14.1.187
affected
Default status
unknown
9.12.2
affected
9.12.1
affected
9.12.3
affected
9.12.4
affected
9.12.3.2
affected
9.12.3.12
affected
9.12.2.5
affected
9.12.1.2
affected
9.12.2.1
affected
9.12.3.7
affected
9.12.2.9
affected
9.12.3.9
affected
9.12.1.3
affected
9.12.4.2
affected
9.12.4.4
affected
9.12.4.7
affected
9.12.4.8
affected
9.12.4.10
affected
9.12.4.13
affected
9.12.4.18
affected
9.12.4.24
affected
9.16.1
affected
9.12.4.26
affected
9.16.1.28
affected
9.12.4.29
affected
9.16.2
affected
9.12.4.30
affected
9.16.2.3
affected
9.12.4.35
affected
9.16.2.7
affected
9.12.4.37
affected
9.17.1
affected
9.16.2.11
affected
9.16.2.13
affected
9.12.4.39
affected
9.12.4.38
affected
9.16.2.14
affected
9.17.1.7
affected
9.12.4.40
affected
9.16.3.3
affected
9.16.3
affected
9.17.1.9
affected
9.16.3.14
affected
9.12.4.41
affected
9.17.1.10
affected
9.18.1
affected
9.12.4.47
affected
9.16.3.15
affected
9.18.1.3
affected
9.17.1.11
affected
9.12.4.48
affected
9.18.2
affected
9.16.3.19
affected
9.17.1.13
affected
9.12.4.50
affected
9.17.1.15
affected
9.12.4.52
affected
9.16.3.23
affected
9.18.2.5
affected
9.16.4
affected
9.12.4.54
affected
9.17.1.20
affected
9.18.2.7
affected
9.19.1
affected
9.16.4.9
affected
9.12.4.55
affected
9.18.2.8
affected
9.16.4.14
affected
9.18.3
affected
9.19.1.5
affected
9.12.4.56
affected
9.17.1.30
affected
9.19.1.9
affected
9.18.3.39
affected
9.16.4.19
affected
9.12.4.58
affected
9.19.1.12
affected
9.18.3.46
affected
9.16.4.27
affected
9.19.1.18
affected
9.18.3.53
affected
9.18.3.55
affected
9.16.4.38
affected
9.17.1.33
affected
9.12.4.62
affected
9.16.4.39
affected
9.18.3.56
affected
9.16.4.42
affected
9.19.1.22
affected
9.18.4
affected
9.18.4.5
affected
9.19.1.24
affected
9.16.4.48
affected
9.18.4.8
affected
9.20.2
affected
9.19.1.27
affected
9.12.4.65
affected
9.16.4.55
affected
9.18.4.22
affected
9.20.2.10
affected
9.16.4.57
affected
9.19.1.28
affected
9.17.1.39
affected
9.12.4.67
affected
9.18.4.24
affected
9.20.2.21
affected
9.16.4.61
affected
9.19.1.31
affected
9.18.4.29
affected
9.20.2.22
affected
9.16.4.62
affected
9.18.4.34
affected
9.20.3
affected
9.16.4.67
affected
9.18.4.40
affected
9.16.4.71
affected
9.20.3.4
affected
9.18.4.47
affected
9.20.3.7
affected
9.17.1.45
affected
9.19.1.37
affected
9.16.4.76
affected
9.18.4.50
affected
9.20.3.10
affected
9.18.4.52
affected
9.20.3.13
affected
9.18.4.53
affected
9.16.4.82
affected
9.20.3.16
affected
9.19.1.42
affected
9.18.4.57
affected
9.16.4.84
affected
9.20.3.20
affected
9.20.4
affected
9.20.4.7
affected
Default status
unknown
4.0(4h)
affected
4.1(1a)
affected
4.0(1c)
affected
4.0(4a)
affected
4.0(1a)
affected
4.0(1d)
affected
4.1(1c)
affected
4.0(2a)
affected
4.0(4g)
affected
4.0(2e)
affected
4.0(4c)
affected
4.0(4f)
affected
4.0(1b)
affected
4.0(2b)
affected
4.0(2d)
affected
4.1(1b)
affected
4.0(4d)
affected
4.0(4e)
affected
4.0(4b)
affected
4.1(2a)
affected
4.1(1d)
affected
4.0(4i)
affected
4.1(1e)
affected
4.1(2b)
affected
4.0(4k)
affected
4.1(3a)
affected
4.1(3b)
affected
4.1(2c)
affected
4.0(4l)
affected
4.1(4a)
affected
4.1(3c)
affected
4.1(3d)
affected
4.2(1c)
affected
4.2(1d)
affected
4.0(4m)
affected
4.1(3e)
affected
4.2(1f)
affected
4.1(3f)
affected
4.2(1i)
affected
4.1(3h)
affected
4.2(1k)
affected
4.2(1l)
affected
4.0(4n)
affected
4.2(1m)
affected
4.1(3i)
affected
4.2(2a)
affected
4.2(1n)
affected
4.1(3j)
affected
4.2(2c)
affected
4.2(2d)
affected
4.2(3b)
affected
4.1(3k)
affected
4.0(4o)
affected
4.2(2e)
affected
4.2(3d)
affected
4.2(3e)
affected
4.2(3g)
affected
4.1(3l)
affected
4.3(2b)
affected
4.2(3h)
affected
4.2(3i)
affected
4.3(2c)
affected
4.1(3m)
affected
4.3(2e)
affected
4.3(3a)
affected
4.2(3j)
affected
4.3(3c)
affected
4.3(4a)
affected
4.2(3k)
affected
4.3(4b)
affected
4.3(4c)
affected
4.2(3l)
affected
4.3(4d)
affected
4.3(2f)
affected
4.2(3m)
affected
4.3(5a)
affected
4.3(4e)
affected
4.1(3n)
affected
4.3(4f)
affected
4.2(3n)
affected
4.3(5c)
affected
4.2(3o)
affected
4.3(5d)
affected
4.3(6a)
affected
4.3(6b)
affected
4.3(5e)
affected
4.2(3p)
affected
Description
A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.
Problem types
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Product status
2.3.1.99
2.3.1.56
2.3.1.110
2.3.1.58
2.6.1.174
2.6.1.157
2.3.1.91
2.3.1.73
2.3.1.66
2.6.1.166
2.3.1.111
2.3.1.166
2.3.1.144
2.6.1.131
2.3.1.130
2.3.1.88
2.6.1.169
2.3.1.75
2.3.1.93
2.3.1.145
2.3.1.155
2.6.1.187
2.3.1.173
2.3.1.179
2.6.1.192
2.3.1.180
2.6.1.204
2.6.1.214
2.3.1.190
2.6.1.224
2.6.1.229
2.3.1.215
2.10.1.159
2.3.1.216
2.6.1.230
2.10.1.166
2.6.1.238
2.6.1.239
2.11.1.154
2.10.1.179
2.3.1.219
2.6.1.254
2.12.0.31
2.12.0.432
2.10.1.207
2.3.1.230
2.6.1.259
2.11.1.182
2.12.0.450
2.10.1.234
2.13.0.198
2.12.0.467
2.13.0.212
2.6.1.264
2.10.1.245
2.11.1.200
2.12.0.498
2.10.1.271
2.12.1.29
2.13.0.243
2.11.1.205
2.6.1.265
2.12.1.48
2.14.1.131
2.13.0.276
2.11.1.228
2.12.1.72
2.10.1.312
2.6.1.272
2.14.1.143
2.14.1.163
2.14.1.167
2.12.1.84
2.16.0.128
2.10.1.328
2.10.1.341
2.11.1.236
2.12.1.95
2.13.0.357
2.16.0.136
2.14.1.186
2.17.0.518
2.14.1.187
9.12.2
9.12.1
9.12.3
9.12.4
9.12.3.2
9.12.3.12
9.12.2.5
9.12.1.2
9.12.2.1
9.12.3.7
9.12.2.9
9.12.3.9
9.12.1.3
9.12.4.2
9.12.4.4
9.12.4.7
9.12.4.8
9.12.4.10
9.12.4.13
9.12.4.18
9.12.4.24
9.16.1
9.12.4.26
9.16.1.28
9.12.4.29
9.16.2
9.12.4.30
9.16.2.3
9.12.4.35
9.16.2.7
9.12.4.37
9.17.1
9.16.2.11
9.16.2.13
9.12.4.39
9.12.4.38
9.16.2.14
9.17.1.7
9.12.4.40
9.16.3.3
9.16.3
9.17.1.9
9.16.3.14
9.12.4.41
9.17.1.10
9.18.1
9.12.4.47
9.16.3.15
9.18.1.3
9.17.1.11
9.12.4.48
9.18.2
9.16.3.19
9.17.1.13
9.12.4.50
9.17.1.15
9.12.4.52
9.16.3.23
9.18.2.5
9.16.4
9.12.4.54
9.17.1.20
9.18.2.7
9.19.1
9.16.4.9
9.12.4.55
9.18.2.8
9.16.4.14
9.18.3
9.19.1.5
9.12.4.56
9.17.1.30
9.19.1.9
9.18.3.39
9.16.4.19
9.12.4.58
9.19.1.12
9.18.3.46
9.16.4.27
9.19.1.18
9.18.3.53
9.18.3.55
9.16.4.38
9.17.1.33
9.12.4.62
9.16.4.39
9.18.3.56
9.16.4.42
9.19.1.22
9.18.4
9.18.4.5
9.19.1.24
9.16.4.48
9.18.4.8
9.20.2
9.19.1.27
9.12.4.65
9.16.4.55
9.18.4.22
9.20.2.10
9.16.4.57
9.19.1.28
9.17.1.39
9.12.4.67
9.18.4.24
9.20.2.21
9.16.4.61
9.19.1.31
9.18.4.29
9.20.2.22
9.16.4.62
9.18.4.34
9.20.3
9.16.4.67
9.18.4.40
9.16.4.71
9.20.3.4
9.18.4.47
9.20.3.7
9.17.1.45
9.19.1.37
9.16.4.76
9.18.4.50
9.20.3.10
9.18.4.52
9.20.3.13
9.18.4.53
9.16.4.82
9.20.3.16
9.19.1.42
9.18.4.57
9.16.4.84
9.20.3.20
9.20.4
9.20.4.7
4.0(4h)
4.1(1a)
4.0(1c)
4.0(4a)
4.0(1a)
4.0(1d)
4.1(1c)
4.0(2a)
4.0(4g)
4.0(2e)
4.0(4c)
4.0(4f)
4.0(1b)
4.0(2b)
4.0(2d)
4.1(1b)
4.0(4d)
4.0(4e)
4.0(4b)
4.1(2a)
4.1(1d)
4.0(4i)
4.1(1e)
4.1(2b)
4.0(4k)
4.1(3a)
4.1(3b)
4.1(2c)
4.0(4l)
4.1(4a)
4.1(3c)
4.1(3d)
4.2(1c)
4.2(1d)
4.0(4m)
4.1(3e)
4.2(1f)
4.1(3f)
4.2(1i)
4.1(3h)
4.2(1k)
4.2(1l)
4.0(4n)
4.2(1m)
4.1(3i)
4.2(2a)
4.2(1n)
4.1(3j)
4.2(2c)
4.2(2d)
4.2(3b)
4.1(3k)
4.0(4o)
4.2(2e)
4.2(3d)
4.2(3e)
4.2(3g)
4.1(3l)
4.3(2b)
4.2(3h)
4.2(3i)
4.3(2c)
4.1(3m)
4.3(2e)
4.3(3a)
4.2(3j)
4.3(3c)
4.3(4a)
4.2(3k)
4.3(4b)
4.3(4c)
4.2(3l)
4.3(4d)
4.3(2f)
4.2(3m)
4.3(5a)
4.3(4e)
4.1(3n)
4.3(4f)
4.2(3n)
4.3(5c)
4.2(3o)
4.3(5d)
4.3(6a)
4.3(6b)
4.3(5e)
4.2(3p)
References
sec.cloudapps.cisco.com/...Advisory/cisco-sa-ucsciv-wGYtC78q (cisco-sa-ucsciv-wGYtC78q)