Privilege Escalation Vulnerability in Cisco Mobility Services Engine
CVE-2015-4282

Currently unrated

Key Information:

Vendor: Cisco
Status: Mobility Services Engine
Vendor: CVE Published:; 6 November 2015

Summary

The Cisco Mobility Services Engine (MSE) up to version 8.0.120.7 is susceptible to a privilege escalation vulnerability due to improperly configured permissions on certain binary files. This weakness allows local users to gain unauthorized root privileges by manipulating specific files. Organizations using the MSE should review their file permission settings and implement necessary security measures to mitigate this risk. For further details, consult Cisco's advisory and associated security references.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1034066

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/77435

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 6, 2015
Vulnerability Reserved
Jun 4, 2015