Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/viewAlert.x?alertId=39517 | Vendor Advisory |
http://www.securityfocus.com/bid/75415 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1032728 | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2015-06-26 03:59
Updated : 2016-12-28 09:42
NVD link : CVE-2015-4224
Mitre link : CVE-2015-4224
JSON object : View
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Products Affected
cisco
- wireless_lan_controller_software