ID de Prueba:	1.3.6.1.4.1.25623.1.0.105701
Categoría:	CISCO
Título:	Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability (Cisco-SA-20150701-CVE-2015-4237)
Resumen:	A vulnerability in the Command Line Interface (CLI) parser of; Cisco Nexus Operating System (NX-OS) devices could allow an authenticated, local attacker to; perform a privilege escalation.
Descripción:	Summary: A vulnerability in the Command Line Interface (CLI) parser of Cisco Nexus Operating System (NX-OS) devices could allow an authenticated, local attacker to perform a privilege escalation. Vulnerability Insight: The vulnerability is due to improper input validation of special characters within filenames. An attacker could exploit this vulnerability by authenticating at the local shell and writing a file to disk with certain special characters. The attacker could then use that file with other CLI commands to obtain a shell prompt at their current privilege level. Vulnerability Impact: An exploit could allow the attacker to read and write files and perform other privileged commands. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-4237 Cisco Security Advisory: 20150701 Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability http://tools.cisco.com/security/center/viewAlert.x?alertId=39583 http://www.securitytracker.com/id/1032775
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.