CVE-2015-6426
Cisco Prime Network Services Controller 3.0 - Local Command Execution via Parameter Injection
Title source: llmDescription
Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restrictions and execute arbitrary commands via additional parameters to an unspecified command, aka Bug ID CSCus99427.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151217-pnsc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/79582
Scores
EPSS
0.0037
EPSS Percentile
29.3%
Details
CWE
CWE-20
Status
published
Products (1)
cisco/prime_network_services_controller
3.0.0
Published
Dec 18, 2015
Tracked Since
Feb 18, 2026