Cisco Intersight is an application platform from Cisco, Inc. It provides a level of intelligent management that enables IT organizations to analyze, simplify, and automate their environments in a more advanced way than previous generations of tools. A command injection vulnerability exists in the Cisco Intersight Private Virtual Appliance that stems from insufficient input validation when extracting uploaded packages, which can be exploited by an authenticated, remote attacker to execute arbitrary commands with root privileges.
CPE | Name | Operator | Version |
---|---|---|---|
cisco cisco intersight private virtual appliance | eq | 1.0.9 |