CVE-2015-4231

Name of the Vulnerable Software and Affected Versions Cisco NX-OS version 6.2(8a)

Description The issue is related to incomplete privilege separation of the Python scripting engine across multiple virtual device contexts (VDCs) in Cisco NX-OS. This allows an attacker with administrative privileges in one VDC to bypass access restrictions and delete files owned by a different VDC, potentially leading to a denial of service (DoS) condition. The vulnerability can be exploited by an authenticated, local attacker with administrative privileges in a specific VDC.

Recommendations For Cisco NX-OS version 6.2(8a), at the moment, there is no information about a newer version that contains a fix for this vulnerability.