Vigil@nce - Cisco ASR: shell command execution
March 2018 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated local attacker can run shell commands under the
"root" system account on Cisco ASR, in order to raise its
privileges.
Impacted products: Cisco ASR.
Severity: 2/4.
Creation date: 19/01/2018.
DESCRIPTION OF THE VULNERABILITY
An authenticated local attacker can run shell commands under the
"root" system account on Cisco ASR, in order to raise its
privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Cisco-ASR-shell-command-execution-25124