Cisco IOS XE privilege elevation Vulnerability(CVE-2 0 1 5-6 3 8 3)-vulnerability warning-the black bar safety net

2015-12-07T00:00:00
ID MYHACK58:62201569788
Type myhack58
Reporter 佚名
Modified 2015-12-07T00:00:00

Description

CVE(CAN) ID: CVE-2 0 1 5-6 3 8 3

Cisco IOS is most Cisco Systems routers and network switches are used on the Internetoperating system.

ASR 1 0 0 0 on the device, Cisco IOS XE 15.4(3)S did not load properly package, local users through CLI, enter the configuration file name, use this vulnerability to bypass certificate restrictions and access to some root privileges.

<*source: Cisco

Links: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-asa *>

Recommendations:

Manufacturers patch:

Cisco \ ----- Cisco has released a security Bulletin cisco-sa-2 0 1 5 1 1 3 0-asa as well as the corresponding patch: cisco-sa-2 0 1 5 1 1 3 0-asa: Cisco ASR 1 0 0 0 Series Root Shell License Bypass Vulnerability Links: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-asa