ID de Prueba:	1.3.6.1.4.1.25623.1.0.106337
Categoría:	CISCO
Título:	Cisco IOS XR Software Command-Line Interface Privilege Escalation Vulnerability (cisco-sa-20161005-iosxr)
Resumen:	A vulnerability in the command-line interface (CLI) of IOS-XR; series software could allow an authenticated, local attacker to execute arbitrary code on a; targeted system at the root privilege level.
Descripción:	Summary: A vulnerability in the command-line interface (CLI) of IOS-XR series software could allow an authenticated, local attacker to execute arbitrary code on a targeted system at the root privilege level. Vulnerability Insight: The vulnerability is due to incorrect permissions given to a set of users. An attacker could exploit this vulnerability by authenticating to the device and sending crafted user input to execute commands on the underlying operating system. The user has to be logged-in to the device with valid admin credentials. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6428 BugTraq ID: 93416 http://www.securityfocus.com/bid/93416 Cisco Security Advisory: 20161005 Cisco IOS XR Software Command-Line Interface Privilege Escalation Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-iosxr http://www.securitytracker.com/id/1036956
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.