Information Disclosure in Cisco Nexus 7000 Devices
CVE-2012-4090

Currently unrated

Key Information:

Vendor: Cisco
Status: Nx-os; Nexus 7000; Nexus 7000 10-slot; Nexus 7000 18-slot
Vendor: CVE Published:; 5 October 2013

What is CVE-2012-4090?

The management interface in Cisco NX-OS on Nexus 7000 devices permits remote authenticated users with network-operator role access to sensitive configuration information. This vulnerability may lead to unauthorized exposure of critical system configurations, which can be exploited for further malicious activities. Affected users should ensure that only trusted personnel are assigned the network-operator role and regularly review access controls to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87670

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/62841

vdb-entryx_refsource_BID

http://osvdb.org/98123

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2013
Vulnerability Reserved
Jul 31, 2012