A vulnerability in the TACACS+ command authorization feature of Cisco NX-OS Software could allow an authenticated, local malicious user to cause the system to reset. The vulnerability is due to incorrect processing of very long command-line interface (CLI) commands by the TACACS+ command authorization feature. An attacker could exploit this vulnerability by being locally authenticated and executing a long CLI command that is subject to command authorization. An exploit could allow the malicious user to cause the device to reload. Cisco has confirmed the vulnerability in a security notice and released software updates. To exploit this vulnerability, an attacker must authenticate and have local access to a targeted system. These requirements would likely reduce the possibility of a successful exploit. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco nx-os - |
Vulmon