A vulnerability in the command-line interface (CLI) of Cisco NX-OS Software could allow an authenticated, local attacker to access the contents of arbitrary files on the affected device.

Exploiting this issue can allow a local attacker to gain read access to arbitrary files. Information harvested may aid in launching further attacks.

Updates are available.

This issue is being tracked by Cisco Bug ID CSCul05217 and CSCul23419

This vulnerability affects the following platforms which are based on Cisco NX-OS: Cisco Nexus 7000 Cisco MDS 9000 Cisco Nexus 6000 Cisco Nexus 5500 Cisco Nexus 5000 Cisco Nexus 4000 Cisco Nexus 3500 Cisco Nexus 3000 Cisco Nexus 1000V Cisco Connected Grid Router 1000 Series Cisco Unified Computing System Fabric Interconnect 6200 Cisco Unified Computing System Fabric Interconnect 6100

Check the NX OS version.

• http://www.securityfocus.com/bid/67426
• https://tools.cisco.com/bugsearch/bug/CSCul23419

---

Updated on 2015-03-25