Privilege Escalation Vulnerability in Cisco Nexus 9000 Series Fabric Switches

Privilege Escalation Vulnerability in Cisco Nexus 9000 Series Fabric Switches

CVE-2021-1584 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient restrictions during the execution of a specific CLI command. An attacker with administrative privileges could exploit this vulnerability by performing a command injection attack on the vulnerable command. A successful exploit could allow the attacker to access the underlying operating system as root.

Learn more about our Cis Benchmark Audit For Cisco.