cvelistv5 - cve-2015-4231

CVE-2015-4231 (GCVE-0-2015-4231)

Vulnerability from cvelistv5 – Published: 2015-07-03 10:00 – Updated: 2024-08-06 06:11

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1032763	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/viewAlert.…	vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:11:12.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032763",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032763"
          },
          {
            "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-23T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1032763",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032763"
        },
        {
          "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-4231",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032763",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032763"
            },
            {
              "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-4231",
    "datePublished": "2015-07-03T10:00:00",
    "dateReserved": "2015-06-04T00:00:00",
    "dateUpdated": "2024-08-06T06:11:12.149Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:nx-os:6.2\\\\(8a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46B2B97B-DDB7-4208-BF1A-D10C8A075A14\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.\"}, {\"lang\": \"es\", \"value\": \"El interprete Python en Cisco NX-OS 6.2(8a) en los dispositivos Nexus 7000 permite a usuarios locales evadir las restricciones de acceso y eliminar los ficheros de un VDC arbitrario mediante el aprovechamiento de privilegios de administraci\\u00f3n en un VDC, tambi\\u00e9n conocido como Bug ID CSCur08416.\"}]",
      "id": "CVE-2015-4231",
      "lastModified": "2024-11-21T02:30:40.853",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:P/A:P\", \"baseScore\": 3.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-07-03T10:59:00.077",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=39568\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032763\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://tools.cisco.com/security/center/viewAlert.x?alertId=39568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1032763\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-4231\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-07-03T10:59:00.077\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.\"},{\"lang\":\"es\",\"value\":\"El interprete Python en Cisco NX-OS 6.2(8a) en los dispositivos Nexus 7000 permite a usuarios locales evadir las restricciones de acceso y eliminar los ficheros de un VDC arbitrario mediante el aprovechamiento de privilegios de administraci\u00f3n en un VDC, tambi\u00e9n conocido como Bug ID CSCur08416.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":3.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:nx-os:6.2\\\\(8a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46B2B97B-DDB7-4208-BF1A-D10C8A075A14\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=39568\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032763\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=39568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1032763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

GSD-2015-4231

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-4231

Aliases

CVE-2015-4231

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-4231",
    "description": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.",
    "id": "GSD-2015-4231"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-4231"
      ],
      "details": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.",
      "id": "GSD-2015-4231",
      "modified": "2023-12-13T01:19:59.699197Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-4231",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1032763",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032763"
          },
          {
            "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-4231"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150630 Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
            },
            {
              "name": "1032763",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1032763"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-28T17:40Z",
      "publishedDate": "2015-07-03T10:59Z"
    }
  }
}

VAR-201507-0519

Vulnerability from variot - Updated: 2023-12-18 13:24

The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416. Vendors have confirmed this vulnerability Bug ID CSCur08416 It is released as.One local user VDC By using the administrator privileges of the VDC Files may be deleted. The Cisco Nexus 7000 Series Switches help create the network foundation platform required for next-generation unified array data centers. After the Cisco Nexus 7000 device is configured with multiple VDCs, there are multiple privilege escalation vulnerabilities in the Python scripting subsystem. Cisco NX-OS Software for Nexus 7000 Series is prone to a local privilege-escalation vulnerability. This could result in a denial of service (DoS) condition on the affected device. This issue is being tracked by Cisco Bug ID CSCur08416

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201507-0519",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "nx-os",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "6.2\\(8a\\)"
      },
      {
        "model": "nexus 7000 series switch",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "nexus 7700 switch",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "nx-os",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2(8a)"
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7000"
      },
      {
        "model": "nx-os software for nexus series 6.2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7000"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jens Krabbenhoeft",
    "sources": [
      {
        "db": "BID",
        "id": "75501"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-4231",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 3.6,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2015-4231",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2015-04323",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-82192",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-4231",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-04323",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201507-090",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-82192",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416. Vendors have confirmed this vulnerability Bug ID CSCur08416 It is released as.One local user VDC By using the administrator privileges of the VDC Files may be deleted. The Cisco Nexus 7000 Series Switches help create the network foundation platform required for next-generation unified array data centers. After the Cisco Nexus 7000 device is configured with multiple VDCs, there are multiple privilege escalation vulnerabilities in the Python scripting subsystem. Cisco NX-OS Software for Nexus 7000 Series is prone to a local privilege-escalation vulnerability. This could result in a denial of service (DoS) condition on the affected device. \nThis issue is being tracked by Cisco Bug ID CSCur08416",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-4231",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1032763",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "30254",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "75501",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "id": "VAR-201507-0519",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      }
    ],
    "trust": 1.297479
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:24:45.560000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "39568",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39568"
      },
      {
        "title": "Patch for Cisco Nexus 7000 Device Local Privilege Escalation Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/60498"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39568"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1032763"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4231"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4231"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/30254"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-07-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "date": "2015-07-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "date": "2015-07-01T00:00:00",
        "db": "BID",
        "id": "75501"
      },
      {
        "date": "2015-07-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "date": "2015-07-03T10:59:00.077000",
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "date": "2015-07-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-07-08T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-04323"
      },
      {
        "date": "2016-12-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-82192"
      },
      {
        "date": "2015-07-01T00:00:00",
        "db": "BID",
        "id": "75501"
      },
      {
        "date": "2015-07-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      },
      {
        "date": "2016-12-28T17:40:54.013000",
        "db": "NVD",
        "id": "CVE-2015-4231"
      },
      {
        "date": "2015-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "75501"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Nexus 7000 Run on device  Cisco NX-OS of  Python Vulnerabilities that can bypass access restrictions in the interpreter",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003466"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201507-090"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2015-4231

Vulnerability from fkie_nvd - Published: 2015-07-03 10:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=39568	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1032763	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=39568	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032763	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	nx-os	6.2\(8a\)
cisco	nexus_7000	-
cisco	nexus_7700	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46B2B97B-DDB7-4208-BF1A-D10C8A075A14",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416."
    },
    {
      "lang": "es",
      "value": "El interprete Python en Cisco NX-OS 6.2(8a) en los dispositivos Nexus 7000 permite a usuarios locales evadir las restricciones de acceso y eliminar los ficheros de un VDC arbitrario mediante el aprovechamiento de privilegios de administraci\u00f3n en un VDC, tambi\u00e9n conocido como Bug ID CSCur08416."
    }
  ],
  "id": "CVE-2015-4231",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-07-03T10:59:00.077",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032763"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-PMH9-FRRX-C2QM

Vulnerability from github – Published: 2022-05-17 03:14 – Updated: 2022-05-17 03:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-4231"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-07-03T10:59:00Z",
    "severity": "LOW"
  },
  "details": "The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC\u0027s files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.",
  "id": "GHSA-pmh9-frrx-c2qm",
  "modified": "2022-05-17T03:14:03Z",
  "published": "2022-05-17T03:14:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4231"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39568"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032763"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CNVD-2015-04323

Vulnerability from cnvd - Published: 2015-07-08

Title

Cisco Nexus 7000设备本地权限提升漏洞

Description

Cisco Nexus 7000 系列交换机可帮助创建新一代统一阵列数据中心所需的网络基础平台。 Cisco Nexus 7000设备配置了多个VDC后，Python scripting子系统存在多个权限提升漏洞，经过身份验证的本地攻击者利用此漏洞可以获取提升的权限，删除另一个VDC所属的文件。

Severity

高

Patch Name

Cisco Nexus 7000设备本地权限提升漏洞的补丁

Patch Description

Cisco Nexus 7000 系列交换机可帮助创建新一代统一阵列数据中心所需的网络基础平台。Cisco Nexus 7000设备配置了多个VDC后，Python scripting子系统存在多个权限提升漏洞，经过身份验证的本地攻击者利用此漏洞可以获取提升的权限，删除另一个VDC所属的文件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://tools.cisco.com/security/center/viewAlert.x?alertId=39568

Reference

http://www.nsfocus.net/vulndb/30254

Impacted products

Name
Cisco Nexus 7000

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-4231"
    }
  },
  "description": "Cisco Nexus 7000 \u7cfb\u5217\u4ea4\u6362\u673a\u53ef\u5e2e\u52a9\u521b\u5efa\u65b0\u4e00\u4ee3\u7edf\u4e00\u9635\u5217\u6570\u636e\u4e2d\u5fc3\u6240\u9700\u7684\u7f51\u7edc\u57fa\u7840\u5e73\u53f0\u3002\r\n\r\nCisco Nexus 7000\u8bbe\u5907\u914d\u7f6e\u4e86\u591a\u4e2aVDC\u540e\uff0cPython scripting\u5b50\u7cfb\u7edf\u5b58\u5728\u591a\u4e2a\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u4ee5\u83b7\u53d6\u63d0\u5347\u7684\u6743\u9650\uff0c\u5220\u9664\u53e6\u4e00\u4e2aVDC\u6240\u5c5e\u7684\u6587\u4ef6\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://tools.cisco.com/security/center/viewAlert.x?alertId=39568",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-04323",
  "openTime": "2015-07-08",
  "patchDescription": "Cisco Nexus 7000 \u7cfb\u5217\u4ea4\u6362\u673a\u53ef\u5e2e\u52a9\u521b\u5efa\u65b0\u4e00\u4ee3\u7edf\u4e00\u9635\u5217\u6570\u636e\u4e2d\u5fc3\u6240\u9700\u7684\u7f51\u7edc\u57fa\u7840\u5e73\u53f0\u3002Cisco Nexus 7000\u8bbe\u5907\u914d\u7f6e\u4e86\u591a\u4e2aVDC\u540e\uff0cPython scripting\u5b50\u7cfb\u7edf\u5b58\u5728\u591a\u4e2a\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u4ee5\u83b7\u53d6\u63d0\u5347\u7684\u6743\u9650\uff0c\u5220\u9664\u53e6\u4e00\u4e2aVDC\u6240\u5c5e\u7684\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Nexus 7000\u8bbe\u5907\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Nexus 7000"
  },
  "referenceLink": "http://www.nsfocus.net/vulndb/30254",
  "serverity": "\u9ad8",
  "submitTime": "2015-07-03",
  "title": "Cisco Nexus 7000\u8bbe\u5907\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-4231 (GCVE-0-2015-4231)

GSD-2015-4231

VAR-201507-0519

FKIE_CVE-2015-4231

GHSA-PMH9-FRRX-C2QM

CNVD-2015-04323

Tags

Sightings

Nomenclature