VAR-201411-0244
Vulnerability from variot - Updated: 2025-04-13 23:29Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176. Local attackers can exploit these issues to execute arbitrary commands with root privileges. This issue is being tracked by Cisco Bug ID CSCuq38176
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0244",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "b230 m2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b440 m2",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b460 m4",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b260 m4",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b22 m3",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b200 m3",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b200 m4",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "b420 m3",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b200 m3 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b200 m4 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b22 m3 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b230 m2 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b260 m4 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b420 m3 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b440 m2 high performance blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ucs b460 m4 blade server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "unified computing system software",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "2.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:b200_m3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b200_m4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b22_m3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b230_m2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b260_m4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b420_m3",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b440_m2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:b460_m4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:unified_computing_system_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "70969"
}
],
"trust": 0.3
},
"cve": "CVE-2014-7989",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "CVE-2014-7989",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "VHN-75934",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-7989",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-7989",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-108",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-75934",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176. \nLocal attackers can exploit these issues to execute arbitrary commands with root privileges. \nThis issue is being tracked by Cisco Bug ID CSCuq38176",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-7989"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "BID",
"id": "70969"
},
{
"db": "VULHUB",
"id": "VHN-75934"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-7989",
"trust": 2.8
},
{
"db": "BID",
"id": "70969",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1031178",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-75934",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75934"
},
{
"db": "BID",
"id": "70969"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"id": "VAR-201411-0244",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-75934"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:29:40.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Unified Computing System B-Series Servers Privilege Escalation Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7989"
},
{
"title": "36350",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=36350"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75934"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-7989"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/70969"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1031178"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98530"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7989"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7989"
},
{
"trust": 0.3,
"url": "www.cisco.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-75934"
},
{
"db": "BID",
"id": "70969"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-75934"
},
{
"db": "BID",
"id": "70969"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-07T00:00:00",
"db": "VULHUB",
"id": "VHN-75934"
},
{
"date": "2014-11-06T00:00:00",
"db": "BID",
"id": "70969"
},
{
"date": "2014-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"date": "2014-11-07T11:55:03.860000",
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-75934"
},
{
"date": "2014-11-06T00:00:00",
"db": "BID",
"id": "70969"
},
{
"date": "2014-11-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005286"
},
{
"date": "2014-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-108"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-7989"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "70969"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Computing System B Vulnerability in which shell privileges are acquired on a series blade server",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005286"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-108"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…