cisco-sa-expw-escalation-3bkz77bD: Cisco Expressway Series Privilege Escalation Vulnerability
First published: Wed Oct 02 2024(Updated: )
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Expressway |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-expw-escalation-3bkz77bD?
The severity of cisco-sa-expw-escalation-3bkz77bD is rated as critical due to its potential for local privilege escalation.
How do I fix cisco-sa-expw-escalation-3bkz77bD?
To fix cisco-sa-expw-escalation-3bkz77bD, apply the available security patches provided by Cisco for the Expressway Series.
Who is affected by cisco-sa-expw-escalation-3bkz77bD?
The vulnerability cisco-sa-expw-escalation-3bkz77bD affects authenticated local users of the Cisco Expressway Series.
Can cisco-sa-expw-escalation-3bkz77bD be exploited remotely?
No, cisco-sa-expw-escalation-3bkz77bD requires local access for exploitation.
What are the potential consequences of cisco-sa-expw-escalation-3bkz77bD exploitation?
Exploitation of cisco-sa-expw-escalation-3bkz77bD could allow an attacker to gain root privileges on the underlying operating system.
- collector/cisco-recent
- source/Cisco
- agent/title
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/type
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco expressway