Cisco多个产品权限提升漏洞

漏洞起因
设计错误
危险等级

影响系统
Cisco Identity Services Engine Software
Cisco Secure Access Control System (ACS)
Cisco Application Networking Manager (ANM)
Cisco Prime LAN Management Solution (LMS)
Cisco Prime Network Control System
Cisco Quad
Cisco Context Directory Agent
Cisco Prime Collaboration
Cisco Unified Provisioning Manager
Cisco Network Services Manager

不受影响系统

危害
本地攻击者可以利用漏洞获得root权限。

攻击所需条件
攻击者必须访问Cisco产品。

漏洞信息
Cisco Identity Services Engine Software, Secure Access Control System (ACS), Application Networking Manager (ANM), Prime LAN Management Solution (LMS), Prime Network Control System, Quad, Context Directory Agent, Prime Collaboration, Unified Provisioning Manager和Network Services Manager多个产品的命令行接口不正确校验用户输入,允许本地用户获得ROOT权限。
目前没有详细漏洞细节提供。

测试方法

厂商解决方案
目前没有详细解决方案提供:
http://www.cisco.com

漏洞提供者
cisco