Local Privilege Escalation in Brocade Vyatta 5400 vRouter
CVE-2014-4870

Currently unrated

Key Information:

Vendor: Brocade
Status: Vyatta 5400 Vrouter Software; Vyatta 5400 Vrouter
Vendor: CVE Published:; 7 October 2014

What is CVE-2014-4870?

A vulnerability exists in the Brocade Vyatta 5400 vRouter where the 'vyatta-clear-dhcp-lease.pl' script does not adequately validate input parameters. This flaw allows local users to exploit the sudo configuration, potentially granting them elevated privileges. As a result, unauthorized actions could be executed within the system, posing a significant security risk to the integrity of the environment.

References

http://www.kb.cert.org/vuls/id/111588

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Oct 7, 2014
Vulnerability Reserved
Jul 10, 2014