Description
Heap-based buffer overflow in Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows local users to gain privileges via crafted libclimeta.so filename arguments, aka Bug ID CSCux68837.
References (2)
Core 2
Core References
Third Party Advisory vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1035582
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2
Scores
CVSS v3
8.4
EPSS
0.0040
EPSS Percentile
31.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (3)
cisco/unified_computing_system_platform_emulator
2.5\(2\)ts4
cisco/unified_computing_system_platform_emulator
3.0\(2c\)a
cisco/unified_computing_system_platform_emulator
3.0\(2c\)ts9
Published
Apr 16, 2016
Tracked Since
Feb 18, 2026