CVE-2017-12331

Name of the Vulnerable Software and Affected Versions Cisco NX-OS System Software (affected versions not specified)

Description A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The issue is due to insufficient NX-OS signature verification for software patches. An attacker with valid administrator credentials could exploit this to load a crafted, unsigned software patch on a targeted device. This affects products such as Multilayer Director Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, and Unified Computing System Manager.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.