PT-2015-2237

Published: 2015-07-03 · Updated: 2016-12-28 · CVE-2015-4234

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco NX-OS versions 6.0(2) through 6.2(2)

Description

The issue is related to an improper OS configuration in Cisco NX-OS, which allows local users to obtain root access via unspecified input to the Python interpreter. This is due to inadequate access restrictions to certain functions. An attacker, acting locally, can exploit this issue by providing a specific set of commands to the Python interpreter, potentially gaining root user privileges.

Recommendations

For Cisco NX-OS versions 6.0(2) through 6.2(2), consider restricting access to the Python interpreter until a proper configuration or patch is available. As a temporary workaround, limit the use of the Python interpreter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2015-11583
CVE-2015-4234

Affected Products

Cisco NX-OS
Python