Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2015-4237

The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.

  • Published: Jul 3, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-4237
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
cisco / nx-os 7.2(0)zz(99.3) 7.2(0)zz(99.3).x
cisco / nx-os 7.2(0)zz(99.1) 7.2(0)zz(99.1).x
cisco / nx-os 6.2(11b) 6.2(11b).x
cisco / nx-os 9.1(1)sv1(3.1.8) 9.1(1)sv1(3.1.8).x
cisco / nx-os 6.2(12) 6.2(12).x
cisco / nx-os 4.1(2)e1(1) 4.1(2)e1(1).x