Lucene search

CiscoCISCO-SA-20131008-CVE-2012-4075

HistoryOct 08, 2013 - 5:08 p.m.

Cisco NX-OS Software Arbitrary Code Execution Vulnerability

2013-10-0817:08:14

tools.cisco.com

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

Percentile

9.8%

JSON

A vulnerability in the input parsing of Cisco NX-OS Software could
allow an authenticated, local attacker to execute commands on the
underlying operating system.

The vulnerability is due to poor processing of parameters that include special characters. An attacker could
exploit this vulnerability by using the back quote character in certain command parameters. A
successful exploit could allow the attacker to access the bash shell and run arbitrary shell
commands with root privileges.

Cisco has confirmed the vulnerability in a security notice and has released software updates.

To exploit this vulnerability, an attacker requires authenticated access to the targeted system. Authenticated access may require the attacker to access trusted, internal networks. These access requirements could limit the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners

Node

cisconx_osMatch4.1

cisconx_osMatch4.2

cisconx_osMatch4.0\(0\)n1

cisconx_osMatch4.0\(1a\)n1

cisconx_osMatch4.0\(1a\)n2

cisconx_osMatch4.1\(3\)n1

cisconx_osMatch4.1\(3\)n2

cisconx_osMatch4.1\(2\)

cisconx_osMatch4.1\(3\)

cisconx_osMatch4.1\(4\)

cisconx_osMatch4.1\(5\)

cisconx_osMatch4.2\(2a\)

cisconx_osMatch4.2\(3\)

cisconx_osMatch4.2\(4\)

cisconx_osMatch4.0\(0\)n1\(1a\)

cisconx_osMatch4.0\(0\)n1\(2\)

cisconx_osMatch4.0\(0\)n1\(2a\)

cisconx_osMatch4.0\(1a\)n1\(1\)

cisconx_osMatch4.0\(1a\)n1\(1a\)

cisconx_osMatch4.0\(1a\)n2\(1\)

cisconx_osMatch4.0\(1a\)n2\(1a\)

cisconx_osMatch4.1\(3\)n1\(1\)

cisconx_osMatch4.1\(3\)n1\(1a\)

cisconx_osMatch4.1\(3\)n2\(1\)

cisconx_osMatch4.1\(3\)n2\(1a\)

VendorProductVersionCPE
cisconx_os4.1cpe:2.3:o:cisco:nx_os:4.1:*:*:*:*:*:*:*
cisconx_os4.2cpe:2.3:o:cisco:nx_os:4.2:*:*:*:*:*:*:*
cisconx_os4.0(0)n1cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n1cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n2cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:*:*:*:*:*:*:*
cisconx_os4.1(3)n1cpe:2.3:o:cisco:nx_os:4.1\(3\)n1:*:*:*:*:*:*:*
cisconx_os4.1(3)n2cpe:2.3:o:cisco:nx_os:4.1\(3\)n2:*:*:*:*:*:*:*
cisconx_os4.1(2)cpe:2.3:o:cisco:nx_os:4.1\(2\):*:*:*:*:*:*:*
cisconx_os4.1(3)cpe:2.3:o:cisco:nx_os:4.1\(3\):*:*:*:*:*:*:*
cisconx_os4.1(4)cpe:2.3:o:cisco:nx_os:4.1\(4\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nx_os	4.1	cpe:2.3:o:cisco:nx_os:4.1:::::::*
cisco	nx_os	4.2	cpe:2.3:o:cisco:nx_os:4.2:::::::*
cisco	nx_os	4.0(0)n1	cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:::::::*
cisco	nx_os	4.0(1a)n1	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:::::::*
cisco	nx_os	4.0(1a)n2	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:::::::*
cisco	nx_os	4.1(3)n1	cpe:2.3:o:cisco:nx_os:4.1\(3\)n1:::::::*
cisco	nx_os	4.1(3)n2	cpe:2.3:o:cisco:nx_os:4.1\(3\)n2:::::::*
cisco	nx_os	4.1(2)	cpe:2.3:o:cisco:nx_os:4.1\(2\):::::::*
cisco	nx_os	4.1(3)	cpe:2.3:o:cisco:nx_os:4.1\(3\):::::::*
cisco	nx_os	4.1(4)	cpe:2.3:o:cisco:nx_os:4.1\(4\):::::::*

Rows per page:

1-10 of 251

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131008-CVE-2012-4075

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS

Percentile

9.8%

JSON

Related for CISCO-SA-20131008-CVE-2012-4075