Cisco Bug: CSCun02887 - NX-OS Python Parser Privilege Escalation Vulnerabilities
Jan 10, 2020
- Cisco MDS 9000 NX-OS and SAN-OS Software
Known Affected Releases
Symptoms: Cisco Nexus devices running Cisco NX-OS software contain privilege escalation vulnerabilities within the Python subsystem that could allow an authenticated, local attacker to gain elevated privileges. The vulnerabilities are due to insufficient hardening of the underlying operating system on which NX-OS is based. An attacker that has sufficient privileges to execute arbitrary python scripts on an affected device can leverage this access to elevate their privileges to that of root. Conditions: Cisco Nexus devices running an affected version of Cisco NX-OS software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases