Unrated severityNVD Advisory· Published Jul 3, 2015· Updated May 6, 2026
CVE-2015-4237
CVE-2015-4237
Description
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.
Affected products
6cpe:2.3:o:cisco:nx-os:7.2\(0\)zz\(99.3\):*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:cisco:nx-os:7.2\(0\)zz\(99.3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:7.2\(0\)zz\(99.1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:6.2\(11b\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:9.1\(1\)sv1\(3.1.8\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:6.2\(12\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:4.1\(2\)e1\(1\):*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securitytracker.com/id/1032775nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.