CVE-2014-7990
N/A
N/A
Summary
Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access by leveraging administrative privilege, aka Bug ID CSCur09815.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7990
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36351
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98529
- http://www.securityfocus.com/bid/70968
- http://www.securitytracker.com/id/1031179
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7990
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36351
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98529
- http://www.securityfocus.com/bid/70968
- http://www.securitytracker.com/id/1031179
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.