PT-2015-3984 · Cisco · Cisco Nx-Os+1
Publicado
2015-02-02
·
Atualizado
2015-11-04
·
CVE-2014-8013
CVSS v2.0
4.9
Média
| Vetor | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS (affected versions not specified)
Description
The issue is related to the TACACS+ command-authorization implementation, which allows local users to cause a denial of service by executing a long CLI command. This is due to incorrect processing of very long command-line interface commands by the TACACS+ command authorization feature. An attacker must be locally authenticated to exploit this issue, and successful exploitation could allow the attacker to cause the device to reload.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Nx-Os
Cisco Nexus