A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing certain CLI commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS as root. To successfully exploit this vulnerability, an attacker would need valid credentials for a privilege level 15 user of the wireless controller.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:NCisco Catalyst 9105
HWCiscowszystkie wersjeCisco Catalyst 9105axi
HWCiscowszystkie wersjeCisco Catalyst 9105axw
HWCiscowszystkie wersjeCisco Catalyst 9115
HWCiscowszystkie wersjeCisco Catalyst 9115 Ap
HWCiscowszystkie wersjeCisco Catalyst 9115axe
HWCiscowszystkie wersjeCisco Catalyst 9115axi
HWCiscowszystkie wersjeCisco Catalyst 9117
HWCiscowszystkie wersjeCisco Catalyst 9117 Ap
HWCiscowszystkie wersjeCisco Catalyst 9117axi
HWCiscowszystkie wersjeCisco Catalyst 9120
HWCiscowszystkie wersjeCisco Catalyst 9120 Ap
HWCiscowszystkie wersjeCisco Catalyst 9120axe
HWCiscowszystkie wersjeCisco Catalyst 9120axi
HWCiscowszystkie wersjeCisco Catalyst 9120axp
HWCiscowszystkie wersjeCisco Catalyst 9124
HWCiscowszystkie wersjeCisco Catalyst 9124axd
HWCiscowszystkie wersjeCisco Catalyst 9124axi
HWCiscowszystkie wersjeCisco Catalyst 9130
HWCiscowszystkie wersjeCisco Catalyst 9130 Ap
HWCiscowszystkie wersjeCisco Catalyst 9130axe
HWCiscowszystkie wersjeCisco Catalyst 9130axi
HWCiscowszystkie wersjeCisco Catalyst 9800
HWCiscowszystkie wersjeCisco Catalyst 9800 40
HWCiscowszystkie wersjeCisco Catalyst 9800 80
HWCiscowszystkie wersjeCisco Catalyst 9800 Cl
HWCiscowszystkie wersjeCisco Catalyst 9800 L
HWCiscowszystkie wersjeCisco Catalyst 9800 L C
HWCiscowszystkie wersjeCisco Catalyst 9800 L F
HWCiscowszystkie wersjeCisco IOS XE
OSCisco17.6.1
Powiązane podatności
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software coul...
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...
RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP
Cisco IOS XE WLC — nieuwierzytelniony upload plików i RCE przez hardcoded JWT