Vulnerability CVE-2013-1181


Published: 2013-04-25

Description:
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389.

See advisories in our WLB2 database:
Topic
Author
Date
High
Cisco NX-OS-Based Products Multiple Vulnerabilities
CISCO
24.04.2013

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Nexus 3016q 
Cisco -> Nexus 3048 
Cisco -> Nexus 3064t 
Cisco -> Nexus 3064x 
Cisco -> Nexus 3548 
Cisco -> Nexus 5548p 
Cisco -> Nexus 5548p switch 
Cisco -> Nexus 5548up 
Cisco -> Nexus 5548up switch 
Cisco -> Nexus 5596up 
Cisco -> Nexus 5596up switch 
Cisco -> Unified computing system 6248up fabric interconnect 
Cisco -> Unified computing system 6296up fabric interconnect 
Cisco -> Nx-os 
Cisco -> Unified computing system infrastructure and unified computing system software 

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti

Copyright 2020, cxsecurity.com

 

Back to Top