CVE-2012-4075

Name of the Vulnerable Software and Affected Versions Cisco NX-OS (affected versions not specified)

Description The issue allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters. This is due to poor processing of parameters that include special characters, such as the back quote character. An attacker could exploit this by using special characters in certain command parameters to access the bash shell and run arbitrary shell commands with root privileges. The attacker requires authenticated access to the targeted system, which may limit the likelihood of a successful exploit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.