CVE-2016-1340

Опубликовано: 16 апр. 2016

Источник: nvd

CVSS3: 8.4

CVSS2: 7.2

EPSS Низкий

Описание

Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2
Vendor Advisory
http://www.securitytracker.com/id/1035582
Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2
Vendor Advisory
http://www.securitytracker.com/id/1035582
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:unified_computing_system_platform_emulator:2.5\(2\)ts4:*:*:*:*:*:*:*

cpe:2.3:a:cisco:unified_computing_system_platform_emulator:3.0\(2c\)a:*:*:*:*:*:*:*

cpe:2.3:a:cisco:unified_computing_system_platform_emulator:3.0\(2c\)ts9:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00086

Низкий

8.4 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-prvx-6324-3rv7