CVE-2016-6402

Published Sep 18, 2016

Last updated 8 years ago

CVSS high 7.8

Overview

Description: UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1b\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "859B1CD5-2005-4D86-B794-18E311AEDDA6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30F9E8E6-9F7D-4D3A-A952-B962219DC6C9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9D2CFFD-3050-4004-92F5-95E93DBB5560"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CB02F09-0323-47B4-87A7-4BFC64915093"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1f\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "853237D8-847B-48D9-8EB1-763530B98833"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1g\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62EB3042-14CE-43ED-A28E-FCE8A3CE0AD2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1h\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A57A4706-1AC1-4D21-A187-B59AD3FA4F30"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17BC5C43-2B2F-479A-8BEF-69EC8465203B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2c\\)a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "234C0F15-9E53-4C27-A0C3-DB124AC0959E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9709B885-6C6F-42DF-8B46-483B92FDD58D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C44E89FB-5878-48EC-B0B3-EA9E685FA37A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3a\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "430C45DB-B59A-40BD-A877-015155C2CEF1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3b\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9068CA60-F05F-4C32-9828-5E13C981C39C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29835968-61B4-4508-B904-C277243E588A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62AA4DDA-B12B-469B-BD8F-F3B6AE972476"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD80F588-9699-42CC-8AB6-0D8A16353EBB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3f\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCCEB4B3-D5CC-485F-972F-75B22759A878"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3g\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "657080ED-79A8-41B1-88C6-C66400D413B5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(4b\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D3A6638-C070-41B9-B098-9217122F4689"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(4c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3005E846-EAE3-4B91-8AC2-96CF2D53CDC0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(5a\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E32A101-DCE5-4057-B89A-DA2910FE3E06"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(5b\\)a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6E75D27-B3F7-4597-B652-BE389BF32752"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "280856B2-45F4-413B-AA46-1B1741626584"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F96C8D0C-B97C-4F92-A15E-52E312CB7837"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA860437-AAF6-4C50-8D44-5AA5E803A626"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "171D3C3B-CE1E-4B52-B6EE-C65655034F9B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(2c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5DD19B5-2EEE-4ADC-8213-B9FD1BD9C135"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(2d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FE1D17E-E57A-4469-A2F0-FDA4FDCBC523"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References