CVE-2015-4234Cisco Nx-os vulnerability

CWE-2644 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 68.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedJul 3
Latest updateMay 17

Description

Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDcisco/nx-os6.0\(2\), 6.2\(2\)+1

🔴Vulnerability Details

2
GHSA
GHSA-h28w-hpqp-8qrm: Cisco NX-OS 62022-05-17
CVEList
CVE-2015-4234: Cisco NX-OS 62015-07-03

📋Vendor Advisories

1
Cisco
Cisco Nexus Devices Python Subsystem Local Privilege Escalation Vulnerabilities2015-06-30
CVE-2015-4234 — Cisco Nx-os vulnerability | cvebase