Root privilege flaw in Cisco controller

A vulnerability was reported in Cisco Application Policy Infrastructure Controller.
A vulnerability was reported in Cisco Application Policy Infrastructure Controller.

An access control vulnerability – that allows root access via a local system – was reported in a Cisco Application Policy Infrastructure Controller, according to Security Tracker.

"A local user can exploit an access control flaw in the boot manager to gain root access to the execute arbitrary commands on the target system with root privileges," the researchers stated.

The bug has been designated CSCuu83985 by Cisco and a fix has been issued by the vendor.

The advisory is here.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS