Published: 14/10/2013 Updated: 16/10/2013
CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.1
VMScore: 605
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Cisco NX-OS allows local users to gain privileges, and read or modify arbitrary files, via the sed (1) r and (2) w commands, aka Bug IDs CSCts56559, CSCts56565, CSCts56570, and CSCts56574.

Vendor Advisories

A vulnerability in the Stream Editor (sed) command-line filter in Cisco NX-OS Software could allow an authenticated, local attacker to read and write arbitrary files The vulnerability is due to an input validation issue An attacker could exploit this vulnerability by using the sed r and sed w commands A successful exploit could result in a comp ...