{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-09-14T00:00:00", "descriptions": [{"lang": "en", "value": "UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-29T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1036831", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036831"}, {"name": "92956", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92956"}, {"name": "20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-6402", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1036831", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036831"}, {"name": "92956", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92956"}, {"name": "20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:29:19.748Z"}, "title": "CVE Program Container", "references": [{"name": "1036831", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036831"}, {"name": "92956", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/92956"}, {"name": "20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-6402", "datePublished": "2016-09-18T22:00:00", "dateReserved": "2016-07-26T00:00:00", "dateUpdated": "2024-08-06T01:29:19.748Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "859B1CD5-2005-4D86-B794-18E311AEDDA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "30F9E8E6-9F7D-4D3A-A952-B962219DC6C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1d\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9D2CFFD-3050-4004-92F5-95E93DBB5560", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1e\\):*:*:*:*:*:*:*", "matchCriteriaId": "3CB02F09-0323-47B4-87A7-4BFC64915093", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1f\\):*:*:*:*:*:*:*", "matchCriteriaId": "853237D8-847B-48D9-8EB1-763530B98833", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1g\\):*:*:*:*:*:*:*", "matchCriteriaId": "62EB3042-14CE-43ED-A28E-FCE8A3CE0AD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(1h\\):*:*:*:*:*:*:*", "matchCriteriaId": "A57A4706-1AC1-4D21-A187-B59AD3FA4F30", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2c\\):*:*:*:*:*:*:*", "matchCriteriaId": "17BC5C43-2B2F-479A-8BEF-69EC8465203B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2c\\)a:*:*:*:*:*:*:*", "matchCriteriaId": "234C0F15-9E53-4C27-A0C3-DB124AC0959E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2d\\):*:*:*:*:*:*:*", "matchCriteriaId": "9709B885-6C6F-42DF-8B46-483B92FDD58D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(2e\\):*:*:*:*:*:*:*", "matchCriteriaId": "C44E89FB-5878-48EC-B0B3-EA9E685FA37A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3a\\):*:*:*:*:*:*:*", "matchCriteriaId": "430C45DB-B59A-40BD-A877-015155C2CEF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3b\\):*:*:*:*:*:*:*", "matchCriteriaId": "9068CA60-F05F-4C32-9828-5E13C981C39C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3c\\):*:*:*:*:*:*:*", "matchCriteriaId": "29835968-61B4-4508-B904-C277243E588A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3d\\):*:*:*:*:*:*:*", "matchCriteriaId": "62AA4DDA-B12B-469B-BD8F-F3B6AE972476", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3e\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD80F588-9699-42CC-8AB6-0D8A16353EBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3f\\):*:*:*:*:*:*:*", "matchCriteriaId": "BCCEB4B3-D5CC-485F-972F-75B22759A878", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(3g\\):*:*:*:*:*:*:*", "matchCriteriaId": "657080ED-79A8-41B1-88C6-C66400D413B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(4b\\):*:*:*:*:*:*:*", "matchCriteriaId": "8D3A6638-C070-41B9-B098-9217122F4689", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(4c\\):*:*:*:*:*:*:*", "matchCriteriaId": "3005E846-EAE3-4B91-8AC2-96CF2D53CDC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(5a\\):*:*:*:*:*:*:*", "matchCriteriaId": "1E32A101-DCE5-4057-B89A-DA2910FE3E06", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2\\(5b\\)a:*:*:*:*:*:*:*", "matchCriteriaId": "E6E75D27-B3F7-4597-B652-BE389BF32752", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:2.2_base:*:*:*:*:*:*:*", "matchCriteriaId": "280856B2-45F4-413B-AA46-1B1741626584", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "F96C8D0C-B97C-4F92-A15E-52E312CB7837", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1d\\):*:*:*:*:*:*:*", "matchCriteriaId": "AA860437-AAF6-4C50-8D44-5AA5E803A626", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(1e\\):*:*:*:*:*:*:*", "matchCriteriaId": "171D3C3B-CE1E-4B52-B6EE-C65655034F9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(2c\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5DD19B5-2EEE-4ADC-8213-B9FD1BD9C135", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_computing_system:3.0\\(2d\\):*:*:*:*:*:*:*", "matchCriteriaId": "1FE1D17E-E57A-4469-A2F0-FDA4FDCBC523", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263."}, {"lang": "es", "value": "UCS Manager y UCS 6200 Fabric Interconnects en Cisco Unified Computing System (UCS) hasta la versi\u00f3n 3.0(2d) permiten a usuarios locales obtener acceso root del SO a trav\u00e9s de una entrada CLI manipulada, vulnerabilidad tambi\u00e9n conocida como Bug ID CSCuz91263."}], "id": "CVE-2016-6402", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-09-18T22:59:11.550", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/92956"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1036831"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/92956"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036831"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}