Privilege Escalation in Cisco NX-OS on Nexus 7000 Devices

CVE-2013-1191

What is CVE-2013-1191?

A security issue exists in Cisco NX-OS prior to version 6.1(5) on Nexus 7000 devices that allows remote authenticated users to escalate their privileges. This occurs under specific configurations, particularly when local authentication is enabled along with multiple Virtual Device Contexts (VDCs). Attackers can exploit this vulnerability through the submission of crafted SSH key data during SSH sessions directed at management interfaces, thereby gaining undesired access to other VDCs.

References