vulnerability

Cisco IOS: CVE-2016-6414: Cisco IOS and IOS XE iox Command Injection Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Sep 22, 2016	Oct 20, 2016	Jan 5, 2024

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Sep 22, 2016

Added

Oct 20, 2016

Modified

Jan 5, 2024

Description

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.

Solution

cisco-ios-upgrade-latest

References

BID-93091
CVE-2016-6414
https://attackerkb.com/topics/CVE-2016-6414
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-iox

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today