What is CVE-2016-6402?

CVE-2016-6402 is a high-severity vulnerability in Cisco Unified_computing_system, classified under CWE-264. CVSS score: 7.8/10. Published 2016-09-18.

How severe is CVE-2016-6402?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Cisco Unified_computing_system

CVE-2016-6402

UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.

EPSS: 0.001 (24.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Unified_computing_system — versions 2.2\(1b\), 2.2\(1c\), 2.2\(1d\)
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

1036831 (vdb-entry, x_refsource_SECTRACK)
92956 (vdb-entry, x_refsource_BID)
20160914 Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2016-6402?: CVE-2016-6402 is a high-severity vulnerability in Cisco Unified_computing_system, classified under CWE-264. CVSS score: 7.8/10. Published 2016-09-18.
How severe is CVE-2016-6402?: High severity. CVSS v3 base score is 7.8 out of 10.