Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20171129-NXOS10
HistoryNov 29, 2017 - 4:00 p.m.

Cisco NX-OS System Software Guest Shell Unauthorized Internal Interface Access Vulnerability

2017-11-2916:00:00
tools.cisco.com
18

EPSS

0

Percentile

5.1%

JSON

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack.

The vulnerability is due to insufficient internal security measures in the guest shell feature. An attacker could exploit this vulnerability by sending or receiving packets on the device-internal network outside of the guest shell container.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos10 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos10”]

Affected configurations

Vulners
Node
ciscocisco_nx-os_softwareMatchany
OR
ciscocisco_nx-os_softwareMatchany
VendorProductVersionCPE
ciscocisco_nx-os_softwareanycpe:2.3:a:cisco:cisco_nx-os_software:any:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Improper access control
2017-11-30 09:29:00
cvelist
cvelist
CVE-2017-12351
2017-11-30 09:00:00
nvd
nvd
CVE-2017-12351
2017-11-30 09:29:00
cve
cve
CVE-2017-12351
2017-11-30 09:29:00

EPSS

0

Percentile

5.1%

JSON
Related for CISCO-SA-20171129-NXOS10
prion1cvelist1nvd1cve1