What is the severity of CVE-2016-6402?

CVE-2016-6402 has a severity rating of critical due to the potential for local users to gain root access.

How do I fix CVE-2016-6402?

To fix CVE-2016-6402, upgrade to a version of Cisco UCS Manager or UCS 6200 Fabric Interconnects that is later than 3.0(2d).

Who is affected by CVE-2016-6402?

CVE-2016-6402 affects local users of Cisco Unified Computing System software versions up to 3.0(2d).

What does CVE-2016-6402 allow attackers to do?

CVE-2016-6402 allows local attackers to obtain OS root access through crafted command-line interface input.

When was CVE-2016-6402 disclosed?

CVE-2016-6402 was disclosed on September 14, 2016.

Vulnerability/
CVE-2016-6402

high

7.8

CWE

264

18/9/2016

6/8/2024

CVE-2016-6402

First published: Sun Sep 18 2016(Updated: )

UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Unified Computing System software	=2.2\(1b\)
Cisco Unified Computing System software	=2.2\(1c\)
Cisco Unified Computing System software	=2.2\(1d\)
Cisco Unified Computing System software	=2.2\(1e\)
Cisco Unified Computing System software	=2.2\(1f\)
Cisco Unified Computing System software	=2.2\(1g\)
Cisco Unified Computing System software	=2.2\(1h\)
Cisco Unified Computing System software	=2.2\(2c\)
Cisco Unified Computing System software	=2.2\(2c\)a
Cisco Unified Computing System software	=2.2\(2d\)
Cisco Unified Computing System software	=2.2\(2e\)
Cisco Unified Computing System software	=2.2\(3a\)
Cisco Unified Computing System software	=2.2\(3b\)
Cisco Unified Computing System software	=2.2\(3c\)
Cisco Unified Computing System software	=2.2\(3d\)
Cisco Unified Computing System software	=2.2\(3e\)
Cisco Unified Computing System software	=2.2\(3f\)
Cisco Unified Computing System software	=2.2\(3g\)
Cisco Unified Computing System software	=2.2\(4b\)
Cisco Unified Computing System software	=2.2\(4c\)
Cisco Unified Computing System software	=2.2\(5a\)
Cisco Unified Computing System software	=2.2\(5b\)a
Cisco Unified Computing System software	=2.2_base
Cisco Unified Computing System software	=3.0\(1c\)
Cisco Unified Computing System software	=3.0\(1d\)
Cisco Unified Computing System software	=3.0\(1e\)
Cisco Unified Computing System software	=3.0\(2c\)
Cisco Unified Computing System software	=3.0\(2d\)

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6402?
CVE-2016-6402 has a severity rating of critical due to the potential for local users to gain root access.
How do I fix CVE-2016-6402?
To fix CVE-2016-6402, upgrade to a version of Cisco UCS Manager or UCS 6200 Fabric Interconnects that is later than 3.0(2d).
Who is affected by CVE-2016-6402?
CVE-2016-6402 affects local users of Cisco Unified Computing System software versions up to 3.0(2d).
What does CVE-2016-6402 allow attackers to do?
CVE-2016-6402 allows local attackers to obtain OS root access through crafted command-line interface input.
When was CVE-2016-6402 disclosed?
CVE-2016-6402 was disclosed on September 14, 2016.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
agent/last-modified-date
agent/author
agent/severity
agent/softwarecombine
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco unified computing system software
version/cisco unified computing system software/2.2\(1b\)
version/cisco unified computing system software/2.2\(1c\)
version/cisco unified computing system software/2.2\(1d\)
version/cisco unified computing system software/2.2\(1e\)
version/cisco unified computing system software/2.2\(1f\)
version/cisco unified computing system software/2.2\(1g\)
version/cisco unified computing system software/2.2\(1h\)
version/cisco unified computing system software/2.2\(2c\)
version/cisco unified computing system software/2.2\(2c\)a
version/cisco unified computing system software/2.2\(2d\)
version/cisco unified computing system software/2.2\(2e\)
version/cisco unified computing system software/2.2\(3a\)
version/cisco unified computing system software/2.2\(3b\)
version/cisco unified computing system software/2.2\(3c\)
version/cisco unified computing system software/2.2\(3d\)
version/cisco unified computing system software/2.2\(3e\)
version/cisco unified computing system software/2.2\(3f\)
version/cisco unified computing system software/2.2\(3g\)
version/cisco unified computing system software/2.2\(4b\)
version/cisco unified computing system software/2.2\(4c\)
version/cisco unified computing system software/2.2\(5a\)
version/cisco unified computing system software/2.2\(5b\)a
version/cisco unified computing system software/2.2_base
version/cisco unified computing system software/3.0\(1c\)
version/cisco unified computing system software/3.0\(1d\)
version/cisco unified computing system software/3.0\(1e\)
version/cisco unified computing system software/3.0\(2c\)
version/cisco unified computing system software/3.0\(2d\)

CVE-2016-6402

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6402?

How do I fix CVE-2016-6402?

Who is affected by CVE-2016-6402?

What does CVE-2016-6402 allow attackers to do?

When was CVE-2016-6402 disclosed?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2016-6402?

How do I fix CVE-2016-6402?

Who is affected by CVE-2016-6402?

What does CVE-2016-6402 allow attackers to do?

When was CVE-2016-6402 disclosed?