CVE-2012-4106
First published: Sun Oct 13 2013(Updated: )
The fabric-interconnect component in Cisco Unified Computing System (UCS) uses the same privilege level for execution of every script, which allows local users to gain privileges and execute arbitrary commands via an unspecified script-execution approach, aka Bug ID CSCtq86477.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Computing System software |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4106?
CVE-2012-4106 has been categorized as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2012-4106?
To mitigate CVE-2012-4106, it is recommended to update the Cisco Unified Computing System software to the latest version that addresses this vulnerability.
Who is affected by CVE-2012-4106?
CVE-2012-4106 affects local users of Cisco Unified Computing System who can execute scripts with elevated privileges.
What are the potential impacts of CVE-2012-4106?
An attacker exploiting CVE-2012-4106 could gain elevated privileges and execute arbitrary commands on the affected system.
Is there a workaround for CVE-2012-4106?
Currently, there are no documented workarounds for CVE-2012-4106, so updating the software is the primary recommendation.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified computing system software