First published: Wed Sep 02 2020(Updated: )
A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from a specific file. An attacker could exploit this vulnerability by supplying a crafted file that, when it is processed, may cause a stack-based buffer overflow. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system with root privileges. An attacker would need to have valid administrative credentials to exploit this vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-buffer-cSdmfWUt
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco FX-OS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of cisco-sa-fxos-buffer-cSdmfWUt is classified as high due to the potential for a buffer overflow by an authenticated attacker.
To fix cisco-sa-fxos-buffer-cSdmfWUt, update to the latest version of Cisco FXOS Software that addresses the vulnerability.
Only authenticated local attackers with administrative credentials can exploit cisco-sa-fxos-buffer-cSdmfWUt.
Cisco FXOS Software is affected by the cisco-sa-fxos-buffer-cSdmfWUt vulnerability.
The vulnerability type for cisco-sa-fxos-buffer-cSdmfWUt is a buffer overflow caused by incorrect bounds checking.