Executive Summary
| Summary | |
|---|---|
| Title | Multiple Vulnerabilities in Cisco NX-OS-Based Products |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20140521-nxos | First vendor Publication | 2014-05-21 |
| Vendor | Cisco | Last vendor Modification | 2014-05-21 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities: * Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTfNQKAAoJEIpI1I6i1Mx3cWQQALMuU9ECOTV//eDDtq4NfEXl 24SkIqEvbpuOvzBJKJSZn44wAxLHDFh32Hh88d2rLy+qkIp8nVzSfIoyXkmucMXu GF1SkMh4ZUEolon970gtGyX/uaWab7GBH+NWFNlfhVO0bRvZQwkZruORnYLVbPNz Etkd1NXqWYqPxNLcHW2P12ReZM+nGeJf+5QDgBWhvfpjSKIAE2HeBsRqX3jv7Ly3 IjeyTR9wDE4ywNl7BdNEXdv1Kj4cZX6oGbnDkam/bp0C5K7Zp8LifvCZPBAnlFHt yBZm1ThTQ+3L+fPjLFoqBCzwD4jRGaG0ADANSnaIsqOysBZNEK3ijFNDjhnLELZh wS/cizW/7ZaAR0BSfxGUPC9FScy+JfIse7xorJHUyxHC5myTccGtJrzLiOE79sAY +ta/eatTtsc2GrVnLVDueccY4ZbyCnxsJh/a7ptrgFiZu6cGiIee9bEeZ+Wx8GL3 6WLCq5FE7L0aWIo/r34wYFSUUQ2ibAuyvQUhe9P9lhakOpIClCCcOWThO/u/FzeW qAyidLsLr5GBjUPLeAbtIxBu9Paa+vfqjr9SbpPHU9BmdBx3vJpT0Vtn8YFlO9tK odEBUF2bt9v731qeLPpITi9ZEKOZCSDLDgqMr/pUPBTDMSvfkOETHPHyKphMbhjv 7WDINdb1rSQxB5mg/2Sw =0nWM END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2014-05-29 | IAVM : 2014-A-0077 - Multiple Vulnerabilities in Cisco NX-OS Products Severity : Category I - VMSKEY : V0051611 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-05-30 | Name : The remote device is running a vulnerable version of NX-OS. File : cisco-sa-20140521-nxos.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-05-31 13:23:51 |
|
| 2014-05-31 00:20:40 |
|
| 2014-05-27 21:27:23 |
|
| 2014-05-21 21:22:18 |
|
