Lucene search

CiscoCVE-2015-4234

HistoryJul 03, 2015 - 10:59 a.m.

CVE-2015-4234

2015-07-0310:59:02

CWE-264

cisco

web.nvd.nist.gov

cve-2015-4234

cisco

nx-os

nexus

os configuration

root access

python interpreter

bug ids

cscun02887

cscur00115

cscur00127

nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.1%

JSON

Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local users to obtain root access via unspecified input to the Python interpreter, aka Bug IDs CSCun02887, CSCur00115, and CSCur00127.

Affected configurations

Nvd

Node

cisconx-osMatch6.0\(2\)

cisconx-osMatch6.2\(2\)

VendorProductVersionCPE
cisconx-os6.0(2)cpe:2.3:o:cisco:nx-os:6.0\(2\):*:*:*:*:*:*:*
cisconx-os6.2(2)cpe:2.3:o:cisco:nx-os:6.2\(2\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nx-os	6.0(2)	cpe:2.3:o:cisco:nx-os:6.0\(2\):::::::*
cisco	nx-os	6.2(2)	cpe:2.3:o:cisco:nx-os:6.2\(2\):::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=39571

www.securityfocus.com/bid/75502

www.securitytracker.com/id/1032765

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-4234