CVE-2014-7990 Information

Feb 14, 2021 cve

Description

Cisco IOS XE 3.5E and earlier on WS-C3850 WS-C3860 and AIR-CT5760 devices does not properly parse the \request system shell\ challenge response which allows local users to obtain Linux root access by leveraging administrative privilege aka Bug ID CSCur09815.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7990 http://tools.cisco.com/security/center/viewAlert.x?alertId=36351 http://www.securityfocus.com/bid/70968 http://www.securitytracker.com/id/1031179 https://exchange.xforce.ibmcloud.com/vulnerabilities/98529

Share on: