Vigil@nce - Cisco IOS-XE 3S: privilege escalation
February 2016 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can inject a command on Cisco IOS-XE 3S,
in order to escalate his privileges.
Impacted products: Cisco ASR, IOS XE Cisco.
Severity: 2/4.
Creation date: 01/12/2015.
Revision date: 03/12/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco IOS-XE 3S product allows authenticated users to access
the CLI (command-line interface).
However, a CLI command containing a special file name can be used
to inject a shell sub-command which runs with root privileges.
An authenticated attacker can therefore inject a command on Cisco
IOS-XE 3S, in order to escalate his privileges.
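The weakness class described above, as an added example that is not from the bulletin and is not Cisco code: a privileged wrapper that pastes a file name into a shell command line, next to the corrected form that passes it as a single argument. The function names, the `echo` stand-in for the privileged helper, the sample file name and the allow-list are all assumptions; the bulletin does not say which command or characters are involved.

```python
import re
import subprocess

# Constructed sample: a "file name" carrying a harmless shell sub-command.
SAMPLE_NAME = "boot.cfg; echo INJECTED"

# Assumption: allow-list of characters a privileged wrapper accepts in names.
SAFE_NAME = re.compile(r"[A-Za-z0-9._/-]+")


def run_via_shell(name: str) -> str:
    """Weak form: the name is pasted into a command line parsed by a shell."""
    # 'echo' stands in for the privileged helper; hypothetical, not Cisco code.
    proc = subprocess.run(f"echo file={name}", shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_via_argv(name: str) -> str:
    """Corrected form: no shell, the name is one literal argv element."""
    proc = subprocess.run(["echo", f"file={name}"],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def is_safe_name(name: str) -> bool:
    """Defence in depth: reject names outside the allow-list or option-like."""
    return bool(SAFE_NAME.fullmatch(name)) and not name.startswith("-")


if __name__ == "__main__":
    print("shell :", run_via_shell(SAMPLE_NAME).splitlines())
    print("argv  :", run_via_argv(SAMPLE_NAME).splitlines())
    print("valid :", is_safe_name(SAMPLE_NAME))
```

In the shell form the text after the semicolon runs as a second command with the wrapper's privileges; in the argv form the same bytes are only data.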
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-IOS-XE-3S-privilege-escalation-18406