A vulnerability in the CLI of Cisco NX-OS System Software 7.1 up to and including 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the malicious user to read or write arbitrary files at the user's privilege level outside of the user's path. Cisco Bug IDs: CSCvb86787, CSCve60516, CSCve60555.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco nx-os 7.1\\(1\\)n1\\(1\\) |
||
cisco nx-os 7.2\\(0\\)zz\\(99.1\\) |
||
cisco nx-os 7.1\\(3\\)n1\\(2\\) |
||
cisco nx-os 7.2\\(1\\)n1\\(1\\) |
||
cisco nx-os 7.1\\(3\\)n1\\(1\\) |
||
cisco nx-os 7.1\\(4\\)n1\\(1\\) |
||
cisco nx-os 7.2\\(0\\)n1\\(1\\) |
||
cisco nx-os 7.3\\(0\\)n1\\(1\\) |
||
cisco nx-os 7.1\\(3\\)n1\\(3.12\\) |
||
cisco nx-os 7.2\\(0\\)d1\\(0.437\\) |
||
cisco nx-os 7.1\\(3\\)n1\\(2.1\\) |
||
cisco nx-os 7.1\\(2\\)n1\\(1\\) |