CVE-2016-9197
Summary
| CVE | CVE-2016-9197 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-04-07 17:59:00 UTC |
| Updated | 2017-04-13 15:04:00 UTC |
| Description | A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected Releases: 8.3(102.0). |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Mobility Services Engine | 8.3.102.0 | All | All | All |
| Application | Cisco | Mobility Services Engine | 8.3.102.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers Shell Bypass Vulnerability | CONFIRM | tools.cisco.com | Vendor Advisory |
| Cisco Mobility Express 2800 and 3800 Series CVE-2016-9197 Local Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.