Vulnerability in Cisco Nexus_7000

CVE-2012-4090

The management interface in Cisco NX-OS on Nexus 7000 devices allows remote authenticated users to obtain sensitive configuration-file information by leveraging the network-operator role, aka Bug ID CSCti09089.

EPSS: 0.005 (66.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Nexus_7000
Cisco Nexus_7000_10-slot
Cisco Nexus_7000_18-slot
Cisco Nexus_7000_9-slot
Cisco Nx-os
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cisco-nxos-cve20124090-info-disc(87670) (vdb-entry, x_refsource_XF)
62841 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
98123 (x_refsource_OSVDB, vdb-entry)
1029158 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
20131004 Cisco Nexus 7000 Information Disclosure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
55206 (x_refsource_SECUNIA, third-party-advisory)