PT-2016-1593 · Cisco · Cisco NX-OS, Cisco Nexus
Published: 2016-02-23 · Updated: 2016-12-06 · CVE-2016-1341
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Cisco NX-OS versions 7.0(1)N1(1) through 7.0(1)N1(3) and 7.0(4)N1(1)
Description
The issue is a blank root password in Cisco NX-OS, which allows local users to gain privileges. Because the root user account has no password, an unauthenticated, local attacker could log in to the system shell with root user privileges. This account is created at installation and cannot be changed or deleted without impacting system functionality. An attacker could exploit this by physically connecting to the affected system, potentially accessing it with root user privileges.
Recommendations
For versions 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1), there is currently no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting physical access to the affected system to minimize the risk of exploitation.
Affected products
Cisco NX-OS
Cisco Nexus