Lucene search

K
ciscoCiscoCISCO-SA-NACI-AFR-UTJFO2D7
HistoryAug 25, 2021 - 4:00 p.m.

Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability

2021-08-2516:00:00
tools.cisco.com
52
cisco
nexus 9000
fabric switches
aci mode
arbitrary file read
vulnerability
unauthorized file access
fabric infrastructure
access control
administrator privileges
software update
cisco security advisory.

EPSS

0

Percentile

5.1%

A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to read arbitrary files on an affected system.

This vulnerability is due to improper access control. An attacker with Administrator privileges could exploit this vulnerability by executing a specific vulnerable command on an affected device. A successful exploit could allow the attacker to read arbitrary files on the file system of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-naci-afr-UtjfO2D7”]

This advisory is part of the August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74640”].

Affected configurations

Vulners
Node
cisconx_osMatch13.2
OR
cisconx_osMatch13.2\(1l\)
OR
cisconx_osMatch13.2\(1m\)
OR
cisconx_osMatch13.2\(2l\)
OR
cisconx_osMatch13.2\(2o\)
OR
cisconx_osMatch13.2\(3i\)
OR
cisconx_osMatch13.2\(3n\)
OR
cisconx_osMatch13.2\(3o\)
OR
cisconx_osMatch13.2\(3r\)
OR
cisconx_osMatch13.2\(4d\)
OR
cisconx_osMatch13.2\(4e\)
OR
cisconx_osMatch13.2\(3j\)
OR
cisconx_osMatch13.2\(3s\)
OR
cisconx_osMatch13.2\(5d\)
OR
cisconx_osMatch13.2\(5e\)
OR
cisconx_osMatch13.2\(5f\)
OR
cisconx_osMatch13.2\(6i\)
OR
cisconx_osMatch13.2\(41d\)
OR
cisconx_osMatch13.2\(7f\)
OR
cisconx_osMatch13.2\(7k\)
OR
cisconx_osMatch13.2\(9b\)
OR
cisconx_osMatch13.2\(8d\)
OR
cisconx_osMatch13.2\(9f\)
OR
cisconx_osMatch13.2\(9h\)
OR
cisconx_osMatch13.2\(10e\)
OR
cisconx_osMatch14.0
OR
cisconx_osMatch14.0\(1h\)
OR
cisconx_osMatch14.0\(2c\)
OR
cisconx_osMatch14.0\(3d\)
OR
cisconx_osMatch14.0\(3c\)
OR
cisconx_osMatch14.1
OR
cisconx_osMatch14.1\(1i\)
OR
cisconx_osMatch14.1\(1j\)
OR
cisconx_osMatch14.1\(1k\)
OR
cisconx_osMatch14.1\(1l\)
OR
cisconx_osMatch14.1\(2g\)
OR
cisconx_osMatch14.1\(2m\)
OR
cisconx_osMatch14.1\(2o\)
OR
cisconx_osMatch14.1\(2s\)
OR
cisconx_osMatch14.1\(2u\)
OR
cisconx_osMatch14.1\(2w\)
OR
cisconx_osMatch14.1\(2x\)
OR
cisconx_osMatch14.2
OR
cisconx_osMatch14.2\(1i\)
OR
cisconx_osMatch14.2\(1j\)
OR
cisconx_osMatch14.2\(1l\)
OR
cisconx_osMatch14.2\(2e\)
OR
cisconx_osMatch14.2\(2f\)
OR
cisconx_osMatch14.2\(2g\)
OR
cisconx_osMatch14.2\(3j\)
OR
cisconx_osMatch14.2\(3l\)
OR
cisconx_osMatch14.2\(3n\)
OR
cisconx_osMatch14.2\(3q\)
OR
cisconx_osMatch14.2\(4i\)
OR
cisconx_osMatch14.2\(4k\)
OR
cisconx_osMatch14.2\(4o\)
OR
cisconx_osMatch14.2\(4p\)
OR
cisconx_osMatch14.2\(5k\)
OR
cisconx_osMatch14.2\(5l\)
OR
cisconx_osMatch14.2\(5n\)
OR
cisconx_osMatch14.2\(6d\)
OR
cisconx_osMatch14.2\(6g\)
OR
cisconx_osMatch14.2\(6h\)
OR
cisconx_osMatch14.2\(6l\)
OR
cisconx_osMatch14.2\(7f\)
OR
cisconx_osMatch14.2\(6o\)
OR
cisconx_osMatch15.0
OR
cisconx_osMatch15.0\(1k\)
OR
cisconx_osMatch15.0\(1l\)
OR
cisconx_osMatch15.0\(2e\)
OR
cisconx_osMatch15.0\(2h\)
OR
cisconx_osMatch15.1
OR
cisconx_osMatch15.1\(1h\)
OR
cisconx_osMatch15.1\(2e\)
OR
cisconx_osMatch15.1\(3e\)
OR
cisconx_osMatch15.1\(4c\)
OR
cisconx_osMatch15.2
OR
cisconx_osMatch15.2\(1g\)
OR
cisconx_osMatch15.2\(2e\)
OR
cisconexus_9000
VendorProductVersionCPE
cisconx_os13.2cpe:2.3:o:cisco:nx_os:13.2:*:*:*:*:*:*:*
cisconx_os13.2(1l)cpe:2.3:o:cisco:nx_os:13.2\(1l\):*:*:*:*:*:*:*
cisconx_os13.2(1m)cpe:2.3:o:cisco:nx_os:13.2\(1m\):*:*:*:*:*:*:*
cisconx_os13.2(2l)cpe:2.3:o:cisco:nx_os:13.2\(2l\):*:*:*:*:*:*:*
cisconx_os13.2(2o)cpe:2.3:o:cisco:nx_os:13.2\(2o\):*:*:*:*:*:*:*
cisconx_os13.2(3i)cpe:2.3:o:cisco:nx_os:13.2\(3i\):*:*:*:*:*:*:*
cisconx_os13.2(3n)cpe:2.3:o:cisco:nx_os:13.2\(3n\):*:*:*:*:*:*:*
cisconx_os13.2(3o)cpe:2.3:o:cisco:nx_os:13.2\(3o\):*:*:*:*:*:*:*
cisconx_os13.2(3r)cpe:2.3:o:cisco:nx_os:13.2\(3r\):*:*:*:*:*:*:*
cisconx_os13.2(4d)cpe:2.3:o:cisco:nx_os:13.2\(4d\):*:*:*:*:*:*:*
Rows per page:
1-10 of 801

EPSS

0

Percentile

5.1%