Information Security

Cisco UCSM Information Disclosure / Privilege Elevation

When I find or read about software vulnerabilities I often chalk the root cause of the flaw up to human error or ignorance.  Occasionally I see something that makes me scratch my head and really wish I knew what stream of logic and events caused something to occur.  The topic of this post is one of those.

The TLDR version of the story can be found on the Full Disclosure list.

Continue reading