Vulnerability Description
Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 6.2\(10\) |
| Cisco | Mds 9100 | - |
| Cisco | Mds 9200 | - |
| Cisco | Mds 9500 | - |
| Cisco | Mds 9700 | - |
| Cisco | Nexus 93120Tx | - |
| Cisco | Nexus 93128Tx | - |
| Cisco | Nexus 9332Pq | - |
| Cisco | Nexus 9336Pq Aci Spine | - |
| Cisco | Nexus 9372Px | - |
| Cisco | Nexus 9372Tx | - |
| Cisco | Nexus 9396Px | - |
| Cisco | Nexus 9396Tx | - |
| Cisco | Nexus 9504 | - |
| Cisco | Nexus 9508 | - |
| Cisco | Nexus 9516 | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39569Vendor Advisory
- http://www.securityfocus.com/bid/75503Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032764Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39569Vendor Advisory
- http://www.securityfocus.com/bid/75503Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032764Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4232?
CVE-2015-4232 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856.
How severe is CVE-2015-4232?
CVE-2015-4232 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4232?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Mds 9100, Cisco Mds 9200, Cisco Mds 9500, Cisco Mds 9700.