Cisco Unified Computing System CVE-2012-4109 Local Command Injection Vulnerability

Cisco Unified Computing System is prone to a local command-injection vulnerability in the fabric interconnect component because it fails to properly validate user-supplied input.

A local attacker can exploit this issue to execute arbitrary commands with root privileges. Successful exploits may compromise the affected device.

This issue is being tracked by Cisco Bug ID CSCtq86559.


 

Privacy Statement
Copyright 2010, SecurityFocus