Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller administrative privileges, aka Bug ID CSCus61123.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0660 | Vendor Advisory |
http://www.securitytracker.com/id/1031924 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2015-03-14T01:00:00
Updated: 2015-03-17T17:57:01
Reserved: 2015-01-07T00:00:00
Link: CVE-2015-0660
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-03-14T01:59:09.033
Modified: 2015-10-28T02:17:57.233
Link: CVE-2015-0660
JSON object: View
Redhat Information
No data.
CWE