MEDIUM✓ PATCH🇬🇧 English

CVE-2019-1911

CVSS 5.3v3.0pub. 2019-07-06upd. 2024-11-21

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • Cisco Hosted Collaboration Solution

    APP
    Cisco
    ≤ 11.5\(3\)pb3
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2017-12337CRITICAL9.8ten sam produkt

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating Sy...

CVE-2017-9805HIGH8.1⚠ KEVten sam produkt

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHand...

CVE-2019-15968MEDIUM5.4ten sam produkt

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified ...

CVE-2018-0386MEDIUM6.1ten sam produkt

A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote...

CVE-2015-6404MEDIUM4.0ten sam produkt

Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote authenticated ...