Skip to main content

Improper Input Validation

CVE-2012-4109

Severity Medium
Score 6.8/10

Summary

The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86559.

  • LOW
  • LOCAL
  • SINGLE
  • COMPLETE
  • COMPLETE
  • COMPLETE

CWE-20 - Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

Advisory Timeline

  • Published