CVE-2012-4121

Name of the Vulnerable Software and Affected Versions Cisco NX-OS (affected versions not specified)

Description A vulnerability in the Stream Editor (sed) command-line filter could allow an authenticated, local attacker to read and write arbitrary files due to an input validation issue. The attacker could exploit this by using the sed r and w commands. A successful exploit could result in a complete compromise of the affected device. The attacker requires authenticated access to the targeted system, which may limit the likelihood of a successful exploit.

Recommendations To resolve the issue, update to a version of Cisco NX-OS Software that has the fix for this vulnerability. As a temporary workaround, consider restricting the use of the sed command with r and w options until a patch is available.