Details of VAR-201507-0520

ID

VAR-201507-0520

CVE

CVE-2015-4232

TITLE

Cisco Nexus and MDS 9000 Run on device Cisco NX-OS In any OS Command execution vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-003467

DESCRIPTION

Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS commands by entering crafted tar parameters in the CLI, aka Bug ID CSCus44856. Cisco Nexus and MDS 9000 Run on device Cisco NX-OS Any OS A command execution vulnerability exists. Nexus is Cisco's line of network switches designed for data centers. On the command line interpreter of the Cisco Nexus device, the parameter input filtering of the tar command is invalid. There are multiple privilege escalation vulnerabilities. An authenticated local attacker can use this vulnerability to gain elevated privileges and execute arbitrary commands on the underlying operating system. Cisco NX-OS software is a data center-level operating system that reflects modular design, resiliency, and maintainability. Cisco NX-OS Software for Nexus Series is prone to a local privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCus44856

Trust: 3.06

sources: NVD: CVE-2015-4232 // JVNDB: JVNDB-2015-003467 // CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // BID: 75503 // VULHUB: VHN-82193

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 1.2

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(10\)	Trust: 1.6
vendor:	cisco	model:	mds 9100 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mds 9200 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mds 9500	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	mds 9700	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 93120tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 93128tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9332pq switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9336pq aci spini switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9372px switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9372tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9396px switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9396tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9504 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9508 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9516 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2(10)	Trust: 0.8
vendor:	cisco	model:	mds nx-os software	scope:	eq	version:	9000>=6.2(10)	Trust: 0.6
vendor:	cisco	model:	nexus nx-os software	scope:	gte	version:	6.2(10)	Trust: 0.6
vendor:	cisco	model:	nx-os 6.2 (on nexus and mds	scope:	eq	version:	9000)	Trust: 0.6
vendor:	cisco	model:	nx-os software for nexus series	scope:	eq	version:	70006.2(10)	Trust: 0.3

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // BID: 75503 // JVNDB: JVNDB-2015-003467 // CNNVD: CNNVD-201507-091 // NVD: CVE-2015-4232

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-4232
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-4232
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2015-04196
value:	MEDIUM
Trust: 0.6
CNVD:	CNVD-2015-04580
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201507-091
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-82193
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-4232
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-04196
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:L/AC:L/AU:S/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.1
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2015-04580
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:L/AC:L/AU:S/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.1
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-82193
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // VULHUB: VHN-82193 // JVNDB: JVNDB-2015-003467 // CNNVD: CNNVD-201507-091 // NVD: CVE-2015-4232

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-82193 // JVNDB: JVNDB-2015-003467 // NVD: CVE-2015-4232

THREAT TYPE

local

Trust: 0.9

sources: BID: 75503 // CNNVD: CNNVD-201507-091

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201507-091

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003467

PATCH

title:	39569	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=39569	Trust: 0.8
title:	Patch for Cisco Nexus Device NS-OS Software Command Line Interpreter Local Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/60299	Trust: 0.6
title:	Patch for Cisco NX-OS 'tar' Command Verify Privilege Escalation Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/60928	Trust: 0.6

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // JVNDB: JVNDB-2015-003467

EXTERNAL IDS

db:	NVD	id:	CVE-2015-4232	Trust: 4.0
db:	BID	id:	75503	Trust: 2.0
db:	SECTRACK	id:	1032764	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-003467	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-091	Trust: 0.7
db:	CNVD	id:	CNVD-2015-04196	Trust: 0.6
db:	CNVD	id:	CNVD-2015-04580	Trust: 0.6
db:	VULHUB	id:	VHN-82193	Trust: 0.1

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // VULHUB: VHN-82193 // BID: 75503 // JVNDB: JVNDB-2015-003467 // CNNVD: CNNVD-201507-091 // NVD: CVE-2015-4232

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39569	Trust: 3.2
url:	http://www.securityfocus.com/bid/75503	Trust: 1.1
url:	http://www.securitytracker.com/id/1032764	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4232	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4232	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2015-04196 // CNVD: CNVD-2015-04580 // VULHUB: VHN-82193 // BID: 75503 // JVNDB: JVNDB-2015-003467 // CNNVD: CNNVD-201507-091 // NVD: CVE-2015-4232

CREDITS

Jens Krabbenhoeft

Trust: 0.3

sources: BID: 75503

SOURCES

db:	CNVD	id:	CNVD-2015-04196
db:	CNVD	id:	CNVD-2015-04580
db:	VULHUB	id:	VHN-82193
db:	BID	id:	75503
db:	JVNDB	id:	JVNDB-2015-003467
db:	CNNVD	id:	CNNVD-201507-091
db:	NVD	id:	CVE-2015-4232

LAST UPDATE DATE

2024-11-23T23:09:14.867000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-04196	date:	2015-07-03T00:00:00
db:	CNVD	id:	CNVD-2015-04580	date:	2015-07-16T00:00:00
db:	VULHUB	id:	VHN-82193	date:	2016-12-28T00:00:00
db:	BID	id:	75503	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003467	date:	2015-07-10T00:00:00
db:	CNNVD	id:	CNNVD-201507-091	date:	2015-07-10T00:00:00
db:	NVD	id:	CVE-2015-4232	date:	2024-11-21T02:30:40.970

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-04196	date:	2015-07-03T00:00:00
db:	CNVD	id:	CNVD-2015-04580	date:	2015-07-16T00:00:00
db:	VULHUB	id:	VHN-82193	date:	2015-07-03T00:00:00
db:	BID	id:	75503	date:	2015-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2015-003467	date:	2015-07-10T00:00:00
db:	CNNVD	id:	CNNVD-201507-091	date:	2015-07-06T00:00:00
db:	NVD	id:	CVE-2015-4232	date:	2015-07-03T10:59:01.343