What is the severity of cisco-sa-adeos-MLAyEcvk?

The severity of cisco-sa-adeos-MLAyEcvk is considered high due to the potential for local authenticated attackers to gain root privileges.

How do I fix cisco-sa-adeos-MLAyEcvk?

To fix cisco-sa-adeos-MLAyEcvk, apply the latest patches and updates provided by Cisco for the affected software products.

Can cisco-sa-adeos-MLAyEcvk be exploited remotely?

No, the vulnerabilities outlined in cisco-sa-adeos-MLAyEcvk require local authentication to be exploited.

What type of attack does cisco-sa-adeos-MLAyEcvk involve?

cisco-sa-adeos-MLAyEcvk involves an authenticated, local attack allowing privilege escalation from the restricted shell to root access.

Vulnerability/
cisco-sa-adeos-MLAyEcvk

high

CWE

5/4/2023

cisco-sa-adeos-MLAyEcvk: Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure Command Injection Vulnerabilities

First published: Wed Apr 05 2023(Updated: )

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the

Affected Software	Affected Version	How to fix
Cisco Evolved Programmable Network Manager
Cisco Identity Services Engine (ISE)
Cisco Prime Infrastructure

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-adeos-MLAyEcvk

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of cisco-sa-adeos-MLAyEcvk?
The severity of cisco-sa-adeos-MLAyEcvk is considered high due to the potential for local authenticated attackers to gain root privileges.
How do I fix cisco-sa-adeos-MLAyEcvk?
To fix cisco-sa-adeos-MLAyEcvk, apply the latest patches and updates provided by Cisco for the affected software products.
What products are affected by cisco-sa-adeos-MLAyEcvk?
The products affected by cisco-sa-adeos-MLAyEcvk include Cisco Evolved Programmable Network Manager, Cisco Identity Services Engine, and Cisco Prime Infrastructure.
Can cisco-sa-adeos-MLAyEcvk be exploited remotely?
No, the vulnerabilities outlined in cisco-sa-adeos-MLAyEcvk require local authentication to be exploited.
What type of attack does cisco-sa-adeos-MLAyEcvk involve?
cisco-sa-adeos-MLAyEcvk involves an authenticated, local attack allowing privilege escalation from the restricted shell to root access.

collector/cisco-recent
agent/type
agent/event
agent/last-modified-date
agent/first-publish-date
agent/title
agent/references
agent/severity
agent/weakness
agent/description
agent/softwarecombine
agent/tags
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco evolved programmable network manager
canonical/cisco identity services engine (ise)
canonical/cisco prime infrastructure

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.