Cisco Integrated Management Controller CVE-2017-6619 Remote Command Execution Vulnerability

Cisco Integrated Management Controller is prone to a remote command-execution vulnerability because it fails to properly sanitize user-supplied input.

Successful exploit allows an attacker to execute arbitrary commands with root privileges.

This issue is being tracked by Cisco Bug ID CSCvd14591.

Information

Bugtraq ID: 97925
Class: Input Validation Error
CVE: CVE-2017-6619

Remote: Yes
Local: No
Published: Apr 19 2017 12:00AM
Updated: Apr 19 2017 12:00AM
Credit: Cisco
Vulnerable: Cisco Unified Computing System 3.0(1c)
Cisco Integrated Management Controller 0

Not Vulnerable: Cisco Unified Computing System 3.0(1d)

References:

• Cisco Homepage (Cisco )
  
• Cisco Integrated Management Controller Command Execution Vulnerability (Cisco)
  

Source: www.securityfocus.com