What is the severity of cisco-sa-20190703-cucdm-rsh?

The severity of cisco-sa-20190703-cucdm-rsh is considered high due to the potential for an authenticated attacker to escape the restricted shell.

How do I fix cisco-sa-20190703-cucdm-rsh?

To fix cisco-sa-20190703-cucdm-rsh, you should apply the latest software updates or patches provided by Cisco for the Unified Communications Domain Manager.

Who is affected by cisco-sa-20190703-cucdm-rsh?

Cisco Unified Communications Domain Manager users are affected by cisco-sa-20190703-cucdm-rsh, specifically those running vulnerable versions of the software.

What type of attack can be performed using cisco-sa-20190703-cucdm-rsh?

An authenticated, local attacker can exploit cisco-sa-20190703-cucdm-rsh to escape the restricted shell and potentially execute unauthorized commands.

Is authentication required to exploit cisco-sa-20190703-cucdm-rsh?

Yes, authentication is required to exploit cisco-sa-20190703-cucdm-rsh, as the attacker must be a local user.

Vulnerability/
cisco-sa-20190703-cucdm-rsh

medium

5.3

CWE

216 20

3/7/2019

cisco-sa-20190703-cucdm-rsh: Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability

First published: Wed Jul 03 2019(Updated: )

A vulnerability in the CLI of Cisco Unified Communications Domain Manager (Cisco Unified CDM) Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerability by executing crafted commands in the shell. A successful exploit could allow the attacker to escape the restricted shell and access commands in the context of the restricted shell user, which does not have root privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh

Affected Software	Affected Version	How to fix
Cisco Unified Communications Domain Manager Platform

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-cucdm-rsh (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2019-1911

Frequently Asked Questions

What is the severity of cisco-sa-20190703-cucdm-rsh?
The severity of cisco-sa-20190703-cucdm-rsh is considered high due to the potential for an authenticated attacker to escape the restricted shell.
How do I fix cisco-sa-20190703-cucdm-rsh?
To fix cisco-sa-20190703-cucdm-rsh, you should apply the latest software updates or patches provided by Cisco for the Unified Communications Domain Manager.
Who is affected by cisco-sa-20190703-cucdm-rsh?
Cisco Unified Communications Domain Manager users are affected by cisco-sa-20190703-cucdm-rsh, specifically those running vulnerable versions of the software.
What type of attack can be performed using cisco-sa-20190703-cucdm-rsh?
An authenticated, local attacker can exploit cisco-sa-20190703-cucdm-rsh to escape the restricted shell and potentially execute unauthorized commands.
Is authentication required to exploit cisco-sa-20190703-cucdm-rsh?
Yes, authentication is required to exploit cisco-sa-20190703-cucdm-rsh, as the attacker must be a local user.

agent/last-modified-date
agent/event
agent/type
collector/cisco-advisory
source/Cisco
agent/weakness
agent/severity
agent/title
agent/references
agent/first-publish-date
agent/description
agent/source
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco unified communications domain manager platform

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of cisco-sa-20190703-cucdm-rsh?
The severity of cisco-sa-20190703-cucdm-rsh is considered high due to the potential for an authenticated attacker to escape the restricted shell.
How do I fix cisco-sa-20190703-cucdm-rsh?
To fix cisco-sa-20190703-cucdm-rsh, you should apply the latest software updates or patches provided by Cisco for the Unified Communications Domain Manager.
Who is affected by cisco-sa-20190703-cucdm-rsh?
Cisco Unified Communications Domain Manager users are affected by cisco-sa-20190703-cucdm-rsh, specifically those running vulnerable versions of the software.
What type of attack can be performed using cisco-sa-20190703-cucdm-rsh?
An authenticated, local attacker can exploit cisco-sa-20190703-cucdm-rsh to escape the restricted shell and potentially execute unauthorized commands.
Is authentication required to exploit cisco-sa-20190703-cucdm-rsh?
Yes, authentication is required to exploit cisco-sa-20190703-cucdm-rsh, as the attacker must be a local user.