Vulnslist

Cisco IOS XE 3S Platforms Series root Shell License Bypass Vulnerability

Advisory ID: cisco-sa-20151130-iosxe3s · Severity: Medium

A vulnerability in one of the diagnostic commands in the Cisco IOS XE operating system for Cisco IOS XE 3S platforms could allow an authenticated, privileged, local attacker to gain restricted root shell access. The root shell is provided for advanced troubleshooting with Cisco Technical Assistance Center (TAC) engineers and requires a license. The vulnerability occurs because the parameters to diagnostic commands at the command-line interface (CLI) are not properly validated. An attacker could exploit this vulnerability by authenticating to the affected device at privileged level 15 and providing crafted parameters to the diagnostic commands. An exploit could allow the authenticated, privileged attacker to bypass the license required for root shell access. If the authenticated user obtains root shell access, further compromise may be possible. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-iosxe3s

Workarounds

The diagnostic commands can be blocked at the CLI using TACACS+ command authorization. The list of commands to be blocked and instructions for implementation are at the following link:

http://www.cisco.com/web/about/security/intelligence/ios-xe-integrity-assurance.html#_Toc392234313

CVEs: CVE-2015-6383
Cisco Bug IDs: CSCuv93130
CVSS Score: Base 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Product Names From Source:
Cisco ASR 1000 Series Aggregation Services Routers, Cisco IOS XE Software 3.7.0S, Cisco IOS XE Software 3.7.1S, Cisco IOS XE Software 3.7.2S, Cisco IOS XE Software 3.7.3S, Cisco IOS XE Software 3.7.4S, Cisco IOS XE Software 3.7.5S, Cisco IOS XE Software 3.7.6S, Cisco IOS XE Software 3.7.7S, Cisco IOS XE Software 3.8.0S, Cisco IOS XE Software 3.8.1S, Cisco IOS XE Software 3.8.2S, Cisco IOS XE Software 3.9.1S, Cisco IOS XE Software 3.9.0S, Cisco IOS XE Software 3.9.2S, Cisco IOS XE Software 3.10.0S, Cisco IOS XE Software 3.10.1S, Cisco IOS XE Software 3.10.2S, Cisco IOS XE Software 3.10.0aS, Cisco IOS XE Software 3.10.3S, Cisco IOS XE Software 3.10.4S, Cisco IOS XE Software 3.10.5S, Cisco IOS XE Software 3.10.6S, Cisco IOS XE Software 3.10.01S, Cisco IOS XE Software 3.11.1S, Cisco IOS XE Software 3.11.2S, Cisco IOS XE Software 3.11.0S, Cisco IOS XE Software 3.11.3S, Cisco IOS XE Software 3.11.4S, Cisco IOS XE Software 3.12.0S, Cisco IOS XE Software 3.12.1S, Cisco IOS XE Software 3.12.2S, Cisco IOS XE Software 3.12.3S, Cisco IOS XE Software 3.13.0S, Cisco IOS XE Software 3.13.1S, Cisco IOS XE Software 3.13.2S, Cisco IOS XE Software 3.13.3S, Cisco IOS XE Software 3.14.0S, Cisco IOS XE Software 3.14.1S, Cisco IOS XE Software 3.14.2S, Cisco IOS XE Software 3.14.3S, Cisco IOS XE Software 3.14.4S, Cisco IOS XE Software 3.15.0S, Cisco IOS XE Software 3.15.1S, Cisco IOS XE Software 3.16.0S, Cisco IOS XE Software

CSAF Product Statuses

Product   Status          Source      CVE            Rows
3.10.01S  known_affected  cisco_csaf  CVE-2015-6383  1
3.10.0aS  known_affected  cisco_csaf  CVE-2015-6383  1
3.10.0S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.1S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.2S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.3S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.4S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.5S   known_affected  cisco_csaf  CVE-2015-6383  1
3.10.6S   known_affected  cisco_csaf  CVE-2015-6383  1
3.11.0S   known_affected  cisco_csaf  CVE-2015-6383  1
3.11.1S   known_affected  cisco_csaf  CVE-2015-6383  1
3.11.2S   known_affected  cisco_csaf  CVE-2015-6383  1

Showing 12 of 45 CSAF status groups; 33 more not shown.

Related Products

Product                                             CVE            Evidence
Cisco Catalyst 9300 Series Switches                 CVE-2015-6383  Cisco OpenVuln · software-dependent
Cisco ASR 1000 Series Aggregation Services Routers  CVE-2015-6383  Cisco OpenVuln · family-level
Cisco IOS XE Software                               CVE-2015-6383  Cisco OpenVuln
Cisco IOS                                           CVE-2015-6383  Cisco OpenVuln
Cisco Catalyst 9200 Series Switches                 CVE-2015-6383  Cisco OpenVuln · software-dependent
Cisco Catalyst 9400 Series Switches                 CVE-2015-6383  Cisco OpenVuln · software-dependent
Cisco Catalyst 9500 Series Switches                 CVE-2015-6383  Cisco OpenVuln · software-dependent
Cisco Catalyst 9600 Series Switches                 CVE-2015-6383  Cisco OpenVuln · software-dependent
Cisco IOS Software                                  CVE-2015-6383  Cisco OpenVuln