[原文]Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
Cisco Unified CallManager contains a flaw that may allow a malicious administrator to gain access to unauthorized privileges in the OS. The issue is triggered when an unspecified CLI vulnerability is exploited by a logged-on administrator to execute arbitrary commands. This flaw may lead to a loss of integrity.
Upgrade to version 5.0(4) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.