Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/viewAlert.x?alertId=39569 | Vendor Advisory |
http://www.securityfocus.com/bid/75503 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1032764 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2015-07-03 03:59
Updated : 2016-12-28 09:18
NVD link : CVE-2015-4232
Mitre link : CVE-2015-4232
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
cisco
- nexus_93120tx
- mds_9200
- nexus_9336pq_aci_spine
- nexus_9372px
- nexus_9504
- mds_9700
- mds_9100
- nexus_93128tx
- nexus_9372tx
- mds_9500
- nexus_9516
- nexus_9508
- nx-os
- nexus_9332pq
- nexus_9396px
- nexus_9396tx