SB2016071502 - Input validation error in Cisco IOS XR

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016071502

SB2016071502 - Input validation error in Cisco IOS XR

Published: July 15, 2016 Updated: July 12, 2020

Security Bulletin ID SB2016071502
Severity
Low
Patch available
NO
Number of vulnerabilities 1
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Input validation error (CVE-ID: CVE-2016-1456)

The vulnerability allows a local user to obtain elevated privileges on the target system.

The vulnerability exists due to insufficient input validation. A local user can cause execute arbitrary commands by submitting crafted input to a command in a specific container.

Successful exploitation of this vulnerability may result in arbitrary commands execution with root privileges.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References