Home

Description

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by entering crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to read and write files on the underlying operating system with the privileges of a non-root user account. File system access is limited to the permissions that are granted to that non-root user account.

PUBLISHED Reserved 2024-10-10 | Published 2025-08-27 | Updated 2025-08-27 | Assigner cisco




MEDIUM: 4.4CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Problem types

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unknown

8.2(5)
affected

7.3(6)N1(1a)
affected

7.3(5)D1(1)
affected

8.4(2)
affected

7.3(6)N1(1)
affected

8.4(3)
affected

9.2(3)
affected

7.0(3)I5(2)
affected

8.2(1)
affected

6.0(2)A8(7a)
affected

7.0(3)I4(5)
affected

7.0(3)I4(6)
affected

7.3(4)N1(1)
affected

7.0(3)I4(3)
affected

9.2(2v)
affected

7.0(3)I4(7)
affected

7.0(3)I4(1)
affected

7.0(3)I4(8)
affected

7.0(3)I4(2)
affected

6.0(2)A8(11)
affected

7.3(4)D1(1)
affected

9.2(1)
affected

9.2(2t)
affected

9.2(3y)
affected

7.0(3)I4(1t)
affected

7.0(3)I7(6z)
affected

9.3(2)
affected

7.0(3)F3(3)
affected

7.0(3)I7(3z)
affected

7.0(3)IM7(2)
affected

6.0(2)A8(11b)
affected

7.3(0)N1(1)
affected

7.0(3)I7(5a)
affected

8.1(1)
affected

7.0(3)I6(1)
affected

8.2(2)
affected

7.3(2)N1(1c)
affected

7.0(3)I5(3b)
affected

8.3(2)
affected

7.3(5)N1(1)
affected

7.3(2)N1(1b)
affected

7.3(2)D1(3a)
affected

7.3(1)N1(1)
affected

9.2(4)
affected

6.0(2)A8(10)
affected

6.0(2)A8(2)
affected

7.0(3)IC4(4)
affected

7.3(4)N1(1a)
affected

8.1(2)
affected

7.0(3)F3(3c)
affected

7.3(3)D1(1)
affected

7.0(3)F3(1)
affected

7.0(3)F3(5)
affected

8.2(3)
affected

7.0(3)I7(2)
affected

7.0(3)I5(3)
affected

7.0(3)I7(3)
affected

6.0(2)A8(6)
affected

7.0(3)I6(2)
affected

8.3(1)
affected

8.4(1)
affected

8.1(1b)
affected

7.3(0)N1(1b)
affected

6.0(2)A8(5)
affected

7.3(0)DX(1)
affected

7.3(2)D1(1)
affected

7.3(2)N1(1)
affected

9.3(1)
affected

7.3(0)N1(1a)
affected

6.0(2)A8(7)
affected

7.0(3)I7(6)
affected

7.3(2)D1(2)
affected

6.0(2)A8(11a)
affected

7.0(3)I4(8z)
affected

7.0(3)I4(9)
affected

8.2(4)
affected

7.0(3)I7(4)
affected

7.0(3)I7(7)
affected

6.0(2)A8(9)
affected

6.0(2)A8(1)
affected

6.0(2)A8(10a)
affected

7.0(3)I5(1)
affected

9.3(1z)
affected

9.2(2)
affected

5.2(1)SV5(1.2)
affected

7.0(3)F3(4)
affected

7.3(3)N1(1)
affected

7.0(3)I4(8b)
affected

8.1(2a)
affected

7.3(2)D1(3)
affected

6.0(2)A8(3)
affected

7.0(3)I4(6t)
affected

7.0(3)I5(3a)
affected

8.1(1a)
affected

6.0(2)A8(8)
affected

7.0(3)I7(5)
affected

7.0(3)F3(3a)
affected

6.0(2)A8(4)
affected

7.0(3)I4(8a)
affected

7.0(3)F3(2)
affected

7.0(3)I4(4)
affected

7.0(3)I7(1)
affected

7.0(3)IA7(2)
affected

7.0(3)IA7(1)
affected

6.0(2)A8(7b)
affected

7.3(1)D1(1)
affected

5.2(1)SV5(1.1)
affected

6.0(2)A8(4a)
affected

7.3(0)D1(1)
affected

5.2(1)SV5(1.3)
affected

8.4(1a)
affected

9.3(3)
affected

7.3(2)D1(1d)
affected

7.3(7)N1(1)
affected

7.0(3)I7(8)
affected

7.3(7)N1(1a)
affected

9.3(4)
affected

7.3(6)D1(1)
affected

8.2(6)
affected

9.3(5)
affected

8.4(2a)
affected

8.4(2b)
affected

7.3(8)N1(1)
affected

7.0(3)I7(9)
affected

7.3(7)N1(1b)
affected

5.2(1)SV5(1.3a)
affected

8.5(1)
affected

9.3(6)
affected

10.1(2)
affected

10.1(1)
affected

8.4(4)
affected

7.3(7)D1(1)
affected

8.4(2c)
affected

5.2(1)SV5(1.3b)
affected

9.3(5w)
affected

8.2(7)
affected

7.3(9)N1(1)
affected

9.3(7)
affected

9.3(7k)
affected

7.0(3)I7(9w)
affected

10.2(1)
affected

7.3(8)N1(1a)
affected

7.3(8)D1(1)
affected

9.3(7a)
affected

8.2(7a)
affected

9.3(8)
affected

8.4(4a)
affected

8.4(2d)
affected

7.3(10)N1(1)
affected

8.4(5)
affected

7.0(3)I7(10)
affected

7.3(8)N1(1b)
affected

8.2(8)
affected

10.2(1q)
affected

10.2(2)
affected

9.3(9)
affected

10.1(2t)
affected

5.2(1)SV5(1.3c)
affected

7.3(9)D1(1)
affected

7.3(11)N1(1)
affected

10.2(3)
affected

8.4(6)
affected

10.2(3t)
affected

8.4(2e)
affected

9.3(10)
affected

7.3(11)N1(1a)
affected

10.2(2a)
affected

7.3(12)N1(1)
affected

9.2(1a)
affected

8.2(9)
affected

10.3(1)
affected

10.2(4)
affected

7.3(13)N1(1)
affected

8.4(7)
affected

10.3(2)
affected

8.4(6a)
affected

9.3(11)
affected

10.3(3)
affected

10.2(5)
affected

9.4(1)
affected

9.3(2a)
affected

8.4(2f)
affected

8.2(10)
affected

9.3(12)
affected

10.2(3v)
affected

10.4(1)
affected

8.4(8)
affected

10.3(99w)
affected

7.3(14)N1(1)
affected

10.2(6)
affected

10.3(3w)
affected

10.3(99x)
affected

10.3(3o)
affected

8.4(9)
affected

10.3(4)
affected

10.3(3p)
affected

10.3(4a)
affected

9.4(1a)
affected

10.4(2)
affected

10.3(3q)
affected

9.3(13)
affected

8.2(11)
affected

9.4(2)
affected

10.3(5)
affected

10.2(7)
affected

10.4(3)
affected

10.3(3x)
affected

10.3(4g)
affected

10.5(1)
affected

7.3(15)N1(1)
affected

8.4(10)
affected

9.4(2a)
affected

10.2(8)
affected

10.3(3r)
affected

10.3(6)
affected

9.3(14)
affected

10.4(4)
affected

10.3(4h)
affected

10.5(2)
affected

9.4(3)
affected

9.4(3a)
affected

10.4(4g)
affected

Default status
unknown

14.1(1j)
affected

14.0(3d)
affected

14.1(1k)
affected

13.2(1m)
affected

14.0(3c)
affected

13.2(2l)
affected

13.2(7k)
affected

14.1(1l)
affected

14.2(2f)
affected

13.2(3s)
affected

13.2(2o)
affected

14.0(2c)
affected

14.1(2m)
affected

13.2(5e)
affected

14.1(2o)
affected

13.2(7f)
affected

13.2(41d)
affected

13.2(4d)
affected

13.2(3o)
affected

13.2(1l)
affected

14.0(1h)
affected

13.2(3n)
affected

14.2(1l)
affected

14.2(2e)
affected

13.2(4e)
affected

14.2(1i)
affected

13.2(9b)
affected

14.1(2s)
affected

14.1(1i)
affected

14.1(2g)
affected

13.2(3j)
affected

13.2(5d)
affected

13.2(6i)
affected

14.1(2u)
affected

13.2(3i)
affected

13.2(3r)
affected

13.2(5f)
affected

14.2(1j)
affected

14.1(2w)
affected

14.2(3n)
affected

14.2(3l)
affected

14.2(3j)
affected

14.2(2g)
affected

13.2(8d)
affected

14.1(2x)
affected

13.2(9f)
affected

14.2(3q)
affected

14.2(4i)
affected

13.2(9h)
affected

15.0(1k)
affected

14.2(4k)
affected

15.0(1l)
affected

15.0(2e)
affected

14.2(4o)
affected

14.2(4p)
affected

15.0(2h)
affected

14.2(5k)
affected

14.2(5l)
affected

14.2(5n)
affected

15.1(1h)
affected

14.2(6d)
affected

15.1(2e)
affected

14.2(6g)
affected

14.2(6h)
affected

15.1(3e)
affected

13.2(10e)
affected

14.2(6l)
affected

14.2(7f)
affected

15.1(4c)
affected

14.2(6o)
affected

15.2(1g)
affected

15.2(2e)
affected

14.2(7l)
affected

13.2(10f)
affected

15.2(2f)
affected

15.2(2g)
affected

14.2(7q)
affected

15.2(2h)
affected

15.2(3f)
affected

15.2(3e)
affected

15.2(3g)
affected

14.2(7r)
affected

14.2(7s)
affected

15.2(4d)
affected

15.2(4e)
affected

14.2(7t)
affected

15.2(5c)
affected

15.2(5d)
affected

13.2(10g)
affected

16.0(1g)
affected

14.2(7u)
affected

15.2(5e)
affected

15.2(4f)
affected

15.2(6e)
affected

15.2(6h)
affected

16.0(1j)
affected

15.2(6g)
affected

15.2(7f)
affected

14.2(7v)
affected

15.2(7g)
affected

16.0(2h)
affected

14.2(7w)
affected

15.2(8d)
affected

16.0(2j)
affected

15.2(8e)
affected

16.0(3d)
affected

16.0(3e)
affected

15.2(8f)
affected

15.2(8g)
affected

15.3(1d)
affected

15.2(8h)
affected

16.0(4c)
affected

15.3(2a)
affected

15.2(8i)
affected

16.0(5h)
affected

15.3(2b)
affected

16.0(3g)
affected

16.0(5j)
affected

15.3(2c)
affected

16.0(6c)
affected

15.3(2d)
affected

16.1(1f)
affected

16.0(7e)
affected

16.0(8e)
affected

15.3(2e)
affected

16.0(8f)
affected

16.1(2f)
affected

16.1(2g)
affected

15.3(2f)
affected

16.0(9c)
affected

16.1(3f)
affected

16.0(9d)
affected

16.0(6h)
affected

16.0(8h)
affected

16.1(3g)
affected

Default status
unknown

4.0(4c)
affected

4.0(2b)
affected

4.1(2a)
affected

4.0(1a)
affected

4.0(2a)
affected

4.0(1b)
affected

4.1(1c)
affected

4.0(4a)
affected

4.0(4b)
affected

4.0(2e)
affected

4.1(1a)
affected

4.0(4d)
affected

4.0(4h)
affected

4.0(4g)
affected

4.0(1d)
affected

4.1(1e)
affected

4.0(4f)
affected

4.0(4e)
affected

4.0(4i)
affected

4.1(1d)
affected

4.0(2d)
affected

4.1(1b)
affected

4.0(1c)
affected

4.1(2b)
affected

4.0(4k)
affected

4.1(3a)
affected

4.1(3b)
affected

4.1(2c)
affected

4.0(4l)
affected

4.1(4a)
affected

4.1(3c)
affected

4.1(3d)
affected

4.2(1c)
affected

4.2(1d)
affected

4.0(4m)
affected

4.1(3e)
affected

4.2(1f)
affected

4.1(3f)
affected

4.2(1i)
affected

4.1(3h)
affected

4.2(1k)
affected

4.2(1l)
affected

4.0(4n)
affected

4.2(1m)
affected

4.1(3i)
affected

4.2(2a)
affected

4.2(1n)
affected

4.1(3j)
affected

4.2(2c)
affected

4.2(2d)
affected

4.2(3b)
affected

4.1(3k)
affected

4.0(4o)
affected

4.2(2e)
affected

4.2(3d)
affected

4.2(3e)
affected

4.2(3g)
affected

4.1(3l)
affected

4.3(2b)
affected

4.2(3h)
affected

4.2(3i)
affected

4.3(2c)
affected

4.1(3m)
affected

4.3(2e)
affected

4.3(3a)
affected

4.2(3j)
affected

4.3(3c)
affected

4.3(4a)
affected

4.2(3k)
affected

4.3(4b)
affected

4.3(4c)
affected

4.2(3l)
affected

4.3(4d)
affected

4.3(2f)
affected

4.2(3m)
affected

4.3(5a)
affected

4.3(4e)
affected

4.1(3n)
affected

4.3(4f)
affected

4.2(3n)
affected

4.3(5c)
affected

4.2(3o)
affected

4.3(5d)
affected

4.3(5e)
affected

References

sec.cloudapps.cisco.com/...ory/cisco-sa-nxos-cmdinj-qhNze5Ss (cisco-sa-nxos-cmdinj-qhNze5Ss)

cve.org (CVE-2025-20292)

nvd.nist.gov (CVE-2025-20292)

Download JSON