CVE-2016-6402

Published on: 09/18/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:12 PM UTC

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Certain versions of Unified Computing System from Cisco contain the following vulnerability:

UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

  • CVE-2016-6402 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 7.2 - HIGH

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
COMPLETE COMPLETE COMPLETE

CVE References

Description Tags Link
Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability Vendor Advisory
tools.cisco.com
text/html
URL Logo CISCO 20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability
Cisco Unified Computing System CLI Interface Flaw Lets Local Users Obtain Root Privileges - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036831
Cisco Unified Computing System CVE-2016-6402 Local Privilege Escalation Vulnerability cve.report (archive)
text/html
URL Logo BID 92956

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoUnified Computing System2.2\(1b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1f\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1g\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1h\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2c\)aAllAllAll
ApplicationCiscoUnified Computing System2.2\(2d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3a\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3f\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3g\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(4b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(4c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(5a\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(5b\)aAllAllAll
ApplicationCiscoUnified Computing System2.2_baseAllAllAll
ApplicationCiscoUnified Computing System3.0\(1c\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(1d\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(1e\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(2c\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(2d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1f\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1g\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(1h\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2c\)aAllAllAll
ApplicationCiscoUnified Computing System2.2\(2d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(2e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3a\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3d\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3e\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3f\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(3g\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(4b\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(4c\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(5a\)AllAllAll
ApplicationCiscoUnified Computing System2.2\(5b\)aAllAllAll
ApplicationCiscoUnified Computing System2.2_baseAllAllAll
ApplicationCiscoUnified Computing System3.0\(1c\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(1d\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(1e\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(2c\)AllAllAll
ApplicationCiscoUnified Computing System3.0\(2d\)AllAllAll
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2c\)a:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(4b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(4c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(5a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(5b\)a:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2_base:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(2c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(2d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(1h\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2c\)a:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(2e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3f\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(3g\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(4b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(4c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(5a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2\(5b\)a:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:2.2_base:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1d\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(1e\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(2c\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:unified_computing_system:3.0\(2d\):*:*:*:*:*:*:*: