cisco-sa-nso-priv-esc-XXqRtTfT: Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability
First published: Wed Aug 04 2021(Updated: )
A vulnerability in Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which Cisco NSO is running, which is root by default. To exploit this vulnerability, an attacker must have a valid
Credit: This vulnerability was found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Crosswork Network Services Orchestrator | =5.8<5.8.11=5.7<5.7.13>=5.4=5.5<=5.6<5.6.14.1 | 5.8.11 5.7.13 5.6.14.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/cisco-recent
- source/Cisco
- agent/event
- agent/weakness
- agent/title
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/source
- agent/tags
- collector/cisco-advisory
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco crosswork network services orchestrator
- version/cisco crosswork network services orchestrator/5.8
- version/cisco crosswork network services orchestrator/5.7
- version/cisco crosswork network services orchestrator/5.4
- version/cisco crosswork network services orchestrator/5.5
- version/cisco crosswork network services orchestrator/5.6