CVE-2016-9197

Published: Apr 7, 2017Modified: May 13, 2026

6.7

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351. Known Affected Releases: 8.3(102.0).

Affected (1)

Products: Cisco: Mobility Services Engine

1 product

Mobility Services Engine

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Mobility Services Engine	Version 8.3.102.0

Related CWEs

References (4)

http://www.securityfocus.com/bid/97469

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cme

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/97469

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-cme

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.