Vulnerability Details : CVE-2015-4231
The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass intended access restrictions and delete an arbitrary VDC's files by leveraging administrative privileges in one VDC, aka Bug ID CSCur08416.
Products affected by CVE-2015-4231
- cpe:2.3:o:cisco:nx-os:6.2\(8a\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-4231
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-4231
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.6
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:P |
3.9
|
4.9
|
NIST |
CWE ids for CVE-2015-4231
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-4231
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=39568
Cisco Nexus 7000 Devices Virtual Device Context Privilege Escalation VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1032763
Cisco NX-OS Python Scripting Engine Privilege Separation Flaw Lets Local Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
Jump to