CVE-2011-2569

2011-10-2721:55:00

CWE-264

[email protected]

web.nvd.nist.gov

100

cisco

nexus os

nx-os

cisco unified computing system

privilege escalation

vulnerability

cve-2011-2569

nvd

6.7 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188.

CPENameOperatorVersion
cisco:nx-oscisco nx-oseq5.0
cisco:nx-oscisco nx-oseq4.2
cisco:unified_computing_systemcisco unified computing systemeq-
cisco:unified_computing_system_infrastructure_and_unified_computing_system_softwarecisco unified computing system infrastructure and unified computing system softwareeq1.4\(1j\)
cisco:unified_computing_system_infrastructure_and_unified_computing_system_softwarecisco unified computing system infrastructure and unified computing system softwareeq2.0\(1q\)

CPE	Name	Operator	Version
cisco:nx-os	cisco nx-os	eq	5.0
cisco:nx-os	cisco nx-os	eq	4.2
cisco:unified_computing_system	cisco unified computing system	eq	-
cisco:unified_computing_system_infrastructure_and_unified_computing_system_software	cisco unified computing system infrastructure and unified computing system software	eq	1.4\(1j\)
cisco:unified_computing_system_infrastructure_and_unified_computing_system_software	cisco unified computing system infrastructure and unified computing system software	eq	2.0\(1q\)