PT-2015-4785 · Cisco · Cisco Nx-Os+1

Published 2015-03-27 · Updated 2015-10-22 · CVE-2015-0658

CVSS v2.0: 7.9 (High)

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco NX-OS (affected versions not specified)

Description

The issue is related to the DHCP implementation in the PowerOn Auto Provisioning (POAP) feature, which does not properly restrict the initialization process. This allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network. The vulnerability is due to insufficient input validation of the DHCP options returned as a result of POAP. An attacker could exploit this by responding to the initial DHCP request with crafted DHCP packets, allowing the execution of arbitrary commands in the security context of the root user. The attack can occur during the POAP initialization process and requires the attacker to be on the same broadcast or collision domain as the affected device.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE


Weakness Enumeration

Related Identifiers

CVE-2015-0658

Affected Products

Cisco Nx-Os
Cisco Nexus