Lucene search

CiscoCISCO-SA-20131009-CVE-2012-4076

HistoryOct 09, 2013 - 3:12 p.m.

Cisco NX-OS Software Input Validation Vulnerability

2013-10-0915:12:02

tools.cisco.com

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

EPSS

Percentile

5.1%

JSON

A vulnerability in the input parsing of Cisco NX-OS Software could
allow an unauthenticated, local attacker to execute commands on the
underlying operating system.

The vulnerability is due to poor processing of parameters that include special characters. An attacker could
exploit this vulnerability by using using the Linux pipe symbol ( | ) within a command that executes a system() call. A
successful exploit could allow the attacker access to the bash shell and run arbitrary shell
commands with administrative privileges.

Cisco has confirmed the vulnerability in a security notice and has released software updates.

To exploit this vulnerability, an attacker requires authenticated access to the targeted system. Authenticated access may require the attacker to access trusted, internal networks. These access requirements could limit the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners

Node

cisconx_osMatch4.1

cisconx_osMatch4.2

cisconx_osMatch4.0\(0\)n1

cisconx_osMatch4.0\(1a\)n1

cisconx_osMatch4.0\(1a\)n2

cisconx_osMatch4.1\(3\)n1

cisconx_osMatch4.1\(3\)n2

cisconx_osMatch4.2\(1\)n1

cisconx_osMatch4.1\(2\)

cisconx_osMatch4.1\(3\)

cisconx_osMatch4.1\(4\)

cisconx_osMatch4.1\(5\)

cisconx_osMatch4.2\(2a\)

cisconx_osMatch4.2\(3\)

cisconx_osMatch4.2\(4\)

cisconx_osMatch4.0\(0\)n1\(1a\)

cisconx_osMatch4.0\(0\)n1\(2\)

cisconx_osMatch4.0\(0\)n1\(2a\)

cisconx_osMatch4.0\(1a\)n1\(1\)

cisconx_osMatch4.0\(1a\)n1\(1a\)

cisconx_osMatch4.0\(1a\)n2\(1\)

cisconx_osMatch4.0\(1a\)n2\(1a\)

cisconx_osMatch4.1\(3\)n1\(1\)

cisconx_osMatch4.1\(3\)n1\(1a\)

cisconx_osMatch4.1\(3\)n2\(1\)

cisconx_osMatch4.1\(3\)n2\(1a\)

cisconx_osMatch4.2\(1\)n1\(1\)

VendorProductVersionCPE
cisconx_os4.1cpe:2.3:o:cisco:nx_os:4.1:*:*:*:*:*:*:*
cisconx_os4.2cpe:2.3:o:cisco:nx_os:4.2:*:*:*:*:*:*:*
cisconx_os4.0(0)n1cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n1cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n2cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:*:*:*:*:*:*:*
cisconx_os4.1(3)n1cpe:2.3:o:cisco:nx_os:4.1\(3\)n1:*:*:*:*:*:*:*
cisconx_os4.1(3)n2cpe:2.3:o:cisco:nx_os:4.1\(3\)n2:*:*:*:*:*:*:*
cisconx_os4.2(1)n1cpe:2.3:o:cisco:nx_os:4.2\(1\)n1:*:*:*:*:*:*:*
cisconx_os4.1(2)cpe:2.3:o:cisco:nx_os:4.1\(2\):*:*:*:*:*:*:*
cisconx_os4.1(3)cpe:2.3:o:cisco:nx_os:4.1\(3\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nx_os	4.1	cpe:2.3:o:cisco:nx_os:4.1:::::::*
cisco	nx_os	4.2	cpe:2.3:o:cisco:nx_os:4.2:::::::*
cisco	nx_os	4.0(0)n1	cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:::::::*
cisco	nx_os	4.0(1a)n1	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:::::::*
cisco	nx_os	4.0(1a)n2	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:::::::*
cisco	nx_os	4.1(3)n1	cpe:2.3:o:cisco:nx_os:4.1\(3\)n1:::::::*
cisco	nx_os	4.1(3)n2	cpe:2.3:o:cisco:nx_os:4.1\(3\)n2:::::::*
cisco	nx_os	4.2(1)n1	cpe:2.3:o:cisco:nx_os:4.2\(1\)n1:::::::*
cisco	nx_os	4.1(2)	cpe:2.3:o:cisco:nx_os:4.1\(2\):::::::*
cisco	nx_os	4.1(3)	cpe:2.3:o:cisco:nx_os:4.1\(3\):::::::*

Rows per page:

1-10 of 271

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131009-CVE-2012-4076

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

EPSS

Percentile

5.1%

JSON

Related for CISCO-SA-20131009-CVE-2012-4076