CVE-2012-4090

Name of the Vulnerable Software and Affected Versions Cisco NX-OS versions (affected versions not specified)

Description A vulnerability exists in the management interface of Cisco NX-OS, allowing remote authenticated users to obtain sensitive configuration-file information. This issue is due to improper sanitization of configuration files that can be viewed by users assigned to the network-operator role. An attacker could exploit this vulnerability by accessing the Cisco NX-OS management interface as a network-operator, potentially allowing them to view sensitive information in the Cisco NX-OS configuration files. The attacker requires authenticated access to the targeted system, which may limit the likelihood of a successful exploit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.