Cisco NX-OS System Software is prone to a local command-injection vulnerability.
A local attacker can exploit this issue to execute arbitrary commands with user's privileges.
This issue being tracked by Cisco Bug IDs CSCve99902 and CSCvf14879.
Information
Cisco Nexus 9500 R-Series Line Cards and Fabric Modules 0
Cisco Nexus 9000 Series Switches - Standalone NX-OS mode 0
Cisco Nexus 7700 Series Switches 0
Cisco Nexus 7000 Series Switches 8.1(1)
Cisco Nexus 7000 Series Switches 8.1(0)BD(0.20)
Cisco Nexus 6000 Series Switches 0
Cisco Nexus 5600 Platform Switches 0
Cisco Nexus 5500 Platform Switches 0
Cisco Nexus 5000 Series Switches 7.0(0)HSK(0.357)
Cisco Nexus 3000 Series Switches 0
Cisco Nexus 2000 Series Fabric Extenders 0
Cisco Multilayer Director Switches 0
Exploit
Attackers require local interactive access to exploit this issue.
References: