CVE-2012-4135 — MEDIUM (4.6)

Q: How severe is CVE-2012-4135?

CVE-2012-4135 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-4135?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os.

Vulnerability Description

Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty07270, CSCty07271, CSCty07273, and CSCty07275.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:S/C:N/I:C/A:N

Confidentiality

NONE

Integrity

COMPLETE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Nx-Os	<= 6.1\(2\)

Related Weaknesses (CWE)

CWE-22

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4135Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32237Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4135Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32237Vendor Advisory

FAQ

What is CVE-2012-4135?

CVE-2012-4135 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCty...

How severe is CVE-2012-4135?

CVE-2012-4135 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-4135?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os.