Information disclosure in Cisco Nexus_93120tx

CVE-2015-4213

Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391.

Vulnerability class: Information Disclosure

EPSS: 0.007 (73.0th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1032712 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
75378 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
20150623 Cisco Nexus 9000 Series Software Password Exposure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)