PT-2021-5277 · Cisco · Cisco Nexus 9000 Series Fabric Switches
Adrien Peter
+2
·
Published
2021-08-25
·
Updated
2022-10-21
·
CVE-2021-1583
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode (affected versions not specified)
Description
A vulnerability in the fabric infrastructure file system access control could allow an authenticated, local attacker to read arbitrary files on an affected system. This issue is due to improper access control. An attacker with Administrator privileges could exploit this by executing a specific vulnerable command on an affected device, allowing them to read arbitrary files on the file system.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Access Control
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Nexus 9000 Series Fabric Switches