CVE-2017-12255

CVE Database · CVE-2017-12255

CVE-2017-12255

· N/AModified

CVSS v3.1

N/A

EPSS

0.43%

Published

Sep 21, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the CLI of Cisco UCS Central Software could allow an authenticated, local attacker to gain shell access. The vulnerability is due to insufficient input validation of commands entered in the CLI, aka a Restricted Shell Break Vulnerability. An attacker could exploit this vulnerability by entering a specific command with crafted arguments. An exploit could allow the attacker to gain shell access to the underlying system. Cisco Bug IDs: CSCve70762.

Weaknesses (CWE)

CWE-20CWE-20

Affected Products (2)

cisco · unified_computing_systemvulnerable

cisco · unified_computing_system

References (6)

http://www.securityfocus.com/bid/100932

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039412

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-ucs

Vendor Advisory

http://www.securityfocus.com/bid/100932

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039412

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170920-ucs

KEV Catalog EPSS Scores Vendors All CVEs