CVE-2016-6373

7.2HIGH

Key Information:

Vendor: Cisco
Status: Cloud Services Platform 2100
Vendor: CVE Published:; 22 September 2016

Summary

The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated administrators to execute arbitrary OS commands as root via crafted platform commands, aka Bug ID CSCva00541.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/93093

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1036865

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 22, 2016
Vulnerability Reserved
Jul 26, 2016