Medium severity6.7NVD Advisory· Published Sep 21, 2017· Updated May 13, 2026

CVE-2017-12255

Description

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this vulnerability by entering a specific command with crafted arguments. An exploit could allow the attacker to gain shell access to the underlying system. Cisco Bug IDs: CSCve70762.

Affected products

Cisco Systems, Inc./Unified Computing System
cpe:2.3:a:cisco:unified_computing_system:1.5\(1c\):*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100932nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039412nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-ucsnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.436
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000