Cisco NX-OS Arbitrary File Read Vulnerability (CSCul05217 / CSCul23419)

medium Nessus Plugin ID 77284


The remote device is running a vulnerable version of NX-OS.


According to its self-reported version, the remote NX-OS device is affected by a directory traversal vulnerability due to improper filtering of user input in its command line interface (CLI). An authenticated, local attacker could access arbitrary files on the device.


See the referenced Cisco bug IDs to obtain the appropriate vendor supplied patch.

See Also

Plugin Details

Severity: Medium

ID: 77284

File Name: cisco-sn-CVE-2013-6975-nxos.nasl

Version: 1.6

Type: combined

Family: CISCO

Published: 8/20/2014

Updated: 10/29/2019

Supported Sensors: Nessus

Risk Information


Risk Factor: Low

Score: 3.4


Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 5/15/2014

Vulnerability Publication Date: 5/15/2014

Reference Information

CVE: CVE-2013-6975

BID: 67426

CISCO-BUG-ID: CSCul05217, CSCul23419