CVE-2015-4232 — Cisco Nx-os vulnerability

CWE-2644 documents4 sources

Severity

4.6MEDIUMNVD

EPSS

0.3%

top 48.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedJul 3

Latest updateMay 17

Description

Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/nx-os6.2\(10\)

🔴Vulnerability Details

GHSA

GHSA-3hq6-jjwr-fjv7: Cisco NX-OS 6↗2022-05-17

▶

CVEList

CVE-2015-4232: Cisco NX-OS 6↗2015-07-03

▶

📋Vendor Advisories

Cisco

Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability↗2015-06-30

▶