SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Multimedia)  >   Cisco TelePresence Vendors:   Cisco
Cisco Virtual TelePresence Server Serial Console Lets Local Users Gain Root Privileges
SecurityTracker Alert ID:  1031924
SecurityTracker URL:  http://securitytracker.com/id/1031924
CVE Reference:   CVE-2015-0660   (Links to External Site)
Date:  Mar 13 2015
Impact:   Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Virtual TelePresence Server. A local user can obtain root privileges on the target system.

A local administrative user on the vSphere controller can exploit an undocumented privileged access through the serial connection to gain shell access on the target system with root privileges.

The vendor has assigned bug ID CSCus61123 to this vulnerability.

Impact:   A local user can obtain root privileges on the target system.
Solution:   The vendor has issued a fix.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0660

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0660 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC