Signature Detail

APP: Cisco NX-OS Privilege Escalation

This signature detects attempts to exploit a known flaw in Cisco NS-OS. The vulnerability is due to insufficient validation of CLI input containing the pipe character (|). Remote authenticated attackers can exploit this vulnerability by using specially crafted commands on a vulnerable system. Successful exploitation could cause execution of restricted commands, resulting in access to the underlying Linux operating system.

Extended Description

Cisco Nexus OS is prone to multiple local command-injection vulnerabilities. A local attacker can exploit these issues to execute arbitrary commands with administrative privileges. Successful exploits may compromise the affected computer. Cisco MDS, UCS, Nexus 7000, 5000, 4000, 3000, 2000, and 1000V are vulnerable; other versions may also be affected.

Affected Products

• Cisco MDS
• Cisco MDS 9000
• Cisco Nexus 1000V
• Cisco Nexus 2000
• Cisco Nexus 3000
• Cisco Nexus 4000
• Cisco Nexus 5000
• Cisco Nexus 7000
• Cisco NX-OS 4.0(1A)N2(1)
• Cisco NX-OS 4.1(3)N2(1A)
• Cisco NX-OS 4.1(4)
• Cisco NX-OS 4.2.1
• Cisco NX-OS 4.2(2)
• Cisco NX-OS 4.2(3)
• Cisco NX-OS 4.2(4)
• Cisco NX-OS 4.2(5)
• Cisco NX-OS 5.0
• Cisco NX-OS 5.0(0.54)
• Cisco NX-OS 5.0(2)
• Cisco NX-OS 5.0(3)
• Cisco NX-OS 5.0(3)
• Cisco NX-OS 5.0(3)N2(1)
• Cisco NX-OS 5.0(3)U1(2a)
• Cisco NX-OS
• Cisco Unified Computing System (UCS) 1.4(1i)
• Cisco Unified Computing System (UCS) 1.4(1j)
• Cisco Unified Computing System (UCS) 1.4(1m)
• Cisco Unified Computing System (UCS) 1.4(3i)
• Cisco Unified Computing System (UCS) 1.4(3l)
• Cisco Unified Computing System (UCS) 1.4(3m)
• Cisco Unified Computing System (UCS) 1.4(3q)
• Cisco Unified Computing System (UCS) 1.4(3s)
• Cisco Unified Computing System (UCS) 2.0
• Cisco Unified Computing System (UCS)

References

• BugTraq: 50347
• CVE: CVE-2011-2569