Multiple vulnerabilities in Cisco NX-OS System Software
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2017-12339 CVE-2017-12333 CVE-2017-12334 CVE-2017-12335 CVE-2017-12336 CVE-2017-12341 CVE-2017-12342 CVE-2017-12338 CVE-2017-12329 CVE-2017-12330 CVE-2017-12331 CVE-2017-12351 CVE-2017-12332 CVE-2017-12340 |
| CWE-ID | CWE-77 CWE-264 CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Nexus 9500 R-Series Line Cards and Fabric Modules Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 9000 Series Fabric Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 7700 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 7000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 6000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 5600 Platform Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 5500 Platform Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 5000 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 2000 Series Fabric Extenders Hardware solutions / Routers & switches, VoIP, GSM, etc Multilayer Director Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Nexus 3500 Series Switches Hardware solutions / Routers & switches, VoIP, GSM, etc Cisco Unified Computing System Manager Server applications / Remote management servers, RDP, SSH |
| Vendor |
Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU9479
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12339
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation of command arguments to the CLI parser. A local attacker can inject specially crafted command arguments into a vulnerable CLI command and execute arbitrary commands at the user's privilege level.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 9000 Series Fabric Switches: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos7
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Security restrictions bypass
EUVDB-ID: #VU9480
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12333
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists in Cisco NX-OS System Software due to insufficient NX-OS signature verification for software images. A local attacker with knowledge of valid administrator credentials can bypass signature verification and load a crafted, unsigned software image.
Install update from vendor's website.
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Privilege escalation
EUVDB-ID: #VU9481
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12334
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation of command arguments. A local attacker with knowledge of valid administrator credentials can inject specially crafted command arguments into a vulnerable CLI command and execute arbitrary commands with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Nexus 3500 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos3
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Privilege escalation
EUVDB-ID: #VU9482
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12335
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation of command arguments to the CLI parser. A local attacker can inject specially crafted command arguments into a vulnerable CLI command and execute arbitrary commands at the user's privilege level.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 9000 Series Fabric Switches: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Privilege escalation
EUVDB-ID: #VU9483
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12336
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the TCL scripting subsystem of Cisco NX-OS System Software due to insufficient input validation of user-supplied files passed to the interactive TCL shell. A local attacker with administrative or tclsh execution privileges can escape the interactive TCL shell, gain unauthorized access to the underlying operating system and execute arbitrary commands with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
Nexus 3500 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos5
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Privilege escalation
EUVDB-ID: #VU9484
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12341
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation during the installation of a software patch. A local attacker with knowledge of valid administrator credentials can install a specially crafted patch image with the vulnerable operation occurring prior to patch activation and execute arbitrary commands with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
Cisco Unified Computing System Manager: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Privilege escalation
EUVDB-ID: #VU9485
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12342
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the Open Agent Container (OAC) feature due to insufficient internal security measures in the OAC feature. A local attacker can craft specific packets for communication on the device-internal network and run code on the underlying host operating system.
Install update from vendor's website.
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
Nexus 2000 Series Fabric Extenders: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos9
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Information disclosure
EUVDB-ID: #VU9486
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12338
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation for a specific CLI command. A local attacker can issue a specially crafted command on the CLI and read arbitrary files on the underlying local file system.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos6
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Privilege escalation
EUVDB-ID: #VU9487
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12329
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI due to insufficient input validation of command arguments to the CLI parser. A local attacker can inject specially crafted command arguments into a vulnerable CLI command and execute arbitrary commands at the user's privilege level.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 9000 Series Fabric Switches: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
Nexus 3500 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-fxnx
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Privilege escalation
EUVDB-ID: #VU9488
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12330
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in the CLI of Cisco NX-OS System Software due to insufficient input validation of command arguments to the CLI parser. A local attacker can inject specially crafted command arguments into a vulnerable CLI command and execute arbitrary commands at the user's privilege level.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
Nexus 9000 Series Fabric Switches: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nss
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Security restrictions bypass
EUVDB-ID: #VU9489
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12331
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists in Cisco NX-OS System Software due to insufficient NX-OS signature verification for software images. A local attacker with knowledge of valid administrator credentials can bypass signature verification and load a crafted, unsigned software image.
Install update from vendor's website.
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Security restrictions bypass
EUVDB-ID: #VU9490
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12351
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists in the guest shell feature of Cisco NX-OS System Software due to insufficient internal security measures in the guest shell feature. A local attacker with knowledge of valid administrator credentials can bypass security restrictions to send or receive packets on the device-internal network outside of the guest shell container.
Install update from vendor's website.
Nexus 9500 R-Series Line Cards and Fabric Modules: All versions
: All versions
: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos10
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Security restrictions bypass
EUVDB-ID: #VU9491
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12332
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists in Cisco NX-OS System Software due to insufficient restrictions in the patch installation process. A local attacker with knowledge of valid administrator credentials can install a specially crafted patch image, bypass security restrictions and write a file to arbitrary locations.
Install update from vendor's website.
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
Nexus 6000 Series Switches: All versions
Nexus 5600 Platform Switches: All versions
Nexus 5500 Platform Switches: All versions
Nexus 5000 Series Switches: All versions
Nexus 2000 Series Fabric Extenders: All versions
Multilayer Director Switches: All versions
: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Improper input validation
EUVDB-ID: #VU9516
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-12340
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass security restrictions on the target system.
The vulnerability exists due to insufficient sanitization of user-supplied parameters that are passed to certain functions of the Python scripting sandbox. A local attacker can escape the scripting sandbox and enter the Bash shell of the operating system with the privileges of the authenticated user.
MitigationInstall update from vendor's website.
Multilayer Director Switches: All versions
Nexus 7700 Series Switches: All versions
Nexus 7000 Series Switches: All versions
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-switch
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
