Lucene search
K

Cisco Application Policy Infrastructure Permissions, Privileges, and Access Controls (CVE-2015-4235)

🗓️ 04 Dec 2024 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 5 Views

Cisco APIC devices allow root access due to improper access control in specific software versions.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502778);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/16");

  script_cve_id("CVE-2015-4235");

  script_name(english:"Cisco Application Policy Infrastructure Permissions, Privileges, and Access Controls (CVE-2015-4235)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"Cisco Application Policy Infrastructure Controller (APIC) devices with
software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI
devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not
properly restrict access to the APIC filesystem, which allows remote
authenticated users to obtain root privileges via unspecified use of
the APIC cluster-management configuration feature, aka Bug IDs
CSCuu72094 and CSCuv11991.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4b783dde");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1033025");
  # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4b783dde");
  script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1033025");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-4235");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(264);

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/07/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/07/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/12/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%281b%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%281c%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%281d%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%281e%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%282j%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%282m%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%283f%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%283i%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%283k%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%283n%29");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nexus_9000_series_switches:11.0%284h%29");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024-2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Cisco");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Cisco');

var asset = tenable_ot::assets::get(vendor:'Cisco');

var vuln_cpes = {
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%281b%29" :
        {"versionEndIncluding" : "11.0%281b%29", "versionStartIncluding" : "11.0%281b%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%281c%29" :
        {"versionEndIncluding" : "11.0%281c%29", "versionStartIncluding" : "11.0%281c%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%281d%29" :
        {"versionEndIncluding" : "11.0%281d%29", "versionStartIncluding" : "11.0%281d%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%281e%29" :
        {"versionEndIncluding" : "11.0%281e%29", "versionStartIncluding" : "11.0%281e%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%282j%29" :
        {"versionEndIncluding" : "11.0%282j%29", "versionStartIncluding" : "11.0%282j%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%282m%29" :
        {"versionEndIncluding" : "11.0%282m%29", "versionStartIncluding" : "11.0%282m%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%283f%29" :
        {"versionEndIncluding" : "11.0%283f%29", "versionStartIncluding" : "11.0%283f%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%283i%29" :
        {"versionEndIncluding" : "11.0%283i%29", "versionStartIncluding" : "11.0%283i%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%283k%29" :
        {"versionEndIncluding" : "11.0%283k%29", "versionStartIncluding" : "11.0%283k%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%283n%29" :
        {"versionEndIncluding" : "11.0%283n%29", "versionStartIncluding" : "11.0%283n%29", "family" : "NXOS"},
    "cpe:/o:cisco:nexus_9000_series_switches:11.0%284h%29" :
        {"versionEndIncluding" : "11.0%284h%29", "versionStartIncluding" : "11.0%284h%29", "family" : "NXOS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

16 Oct 2025 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 29
EPSS0.02246
5