CVE-2011-2569 — MEDIUM (6.8)

Vulnerability Description

Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188.

CVSS Score

6.8

MEDIUM

AV:L/AC:L/Au:S/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Nx-Os	4.2
Cisco	Unified Computing System	-
Cisco	Unified Computing System Infrastructure And Unified Computing System Software	1.4\(1j\)

Related Weaknesses (CWE)

CWE-264

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=24458Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=24458Vendor Advisory

FAQ

What is CVE-2011-2569?

CVE-2011-2569 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspe...

How severe is CVE-2011-2569?

CVE-2011-2569 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-2569?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Unified Computing System, Cisco Unified Computing System Infrastructure And Unified Computing System Software.