CVE-2012-4076

Name of the Vulnerable Software and Affected Versions Cisco NX-OS (affected versions not specified)

Description The issue allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function. This is due to poor processing of parameters that include special characters, such as the Linux pipe symbol ( | ), within a command that executes a system() call. A successful exploit could allow the attacker access to the bash shell and run arbitrary shell commands with administrative privileges. To exploit this vulnerability, an attacker requires authenticated access to the targeted system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.