Lucene search

CiscoCISCO-SA-20140521-NXOS

HistoryMay 21, 2014 - 4:00 p.m.

Multiple Vulnerabilities in Cisco NX-OS-Based Products

2014-05-2116:00:00

tools.cisco.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

55.4%

JSON

Cisco Nexus, Cisco Unified Computing System (UCS), and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities:

Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability
Cisco NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability
Cisco NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability
Cisco NX-OS Message Transfer Service Denial of Service Vulnerability 

    No officially released images are affected

Cisco has released software updates that address these vulnerabilities.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos”]

Affected configurations

Vulners

Node

cisconx_osMatch4.1

cisconx_osMatch5.0

cisconx_osMatch4.2

cisconx_osMatch5.1

cisconx_osMatch5.2

cisconx_osMatch6.1

cisconx_osMatch4.0\(0\)n1

cisconx_osMatch4.0\(1a\)n1

cisconx_osMatch4.0\(1a\)n2

cisconx_osMatch4.1\(2\)e1

cisconx_osMatch4.1\(3\)n1

cisconx_osMatch4.1\(3\)n2

cisconx_osMatch4.2\(1\)n1

cisconx_osMatch4.2\(1\)n2

cisconx_osMatch5.0\(2\)n1

cisconx_osMatch5.0\(2\)n2

cisconx_osMatch5.0\(3\)n1

cisconx_osMatch5.0\(3\)n2

cisconx_osMatch5.0\(3\)u1

cisconx_osMatch6.0

ciscounified_computing_systemMatchany

ciscocg-osMatchany

cisconx_osMatch4.1\(2\)

cisconx_osMatch4.1\(3\)

cisconx_osMatch4.1\(4\)

cisconx_osMatch4.1\(5\)

cisconx_osMatch5.0\(2a\)

cisconx_osMatch5.0\(3\)

cisconx_osMatch5.0\(5\)

cisconx_osMatch4.2\(2a\)

cisconx_osMatch4.2\(3\)

cisconx_osMatch4.2\(4\)

cisconx_osMatch4.2\(6\)

cisconx_osMatch4.2\(8\)

cisconx_osMatch5.1\(1\)

cisconx_osMatch5.1\(1a\)

cisconx_osMatch5.1\(3\)

cisconx_osMatch5.1\(4\)

cisconx_osMatch5.1\(5\)

cisconx_osMatch5.1\(6\)

cisconx_osMatch5.2\(1\)

cisconx_osMatch5.2\(3a\)

cisconx_osMatch5.2\(4\)

cisconx_osMatch5.2\(5\)

cisconx_osMatch5.2\(7\)

cisconx_osMatch5.2\(9\)

cisconx_osMatch6.1\(1\)

cisconx_osMatch6.1\(2\)

cisconx_osMatch6.1\(3\)

cisconx_osMatch6.1\(4\)

cisconx_osMatch4.0\(0\)n1\(1a\)

cisconx_osMatch4.0\(0\)n1\(2\)

cisconx_osMatch4.0\(0\)n1\(2a\)

cisconx_osMatch4.0\(1a\)n1\(1\)

cisconx_osMatch4.0\(1a\)n1\(1a\)

cisconx_osMatch4.0\(1a\)n2\(1\)

cisconx_osMatch4.0\(1a\)n2\(1a\)

cisconx_osMatch4.1\(2\)e1\(1\)

cisconx_osMatch4.1\(2\)e1\(1b\)

cisconx_osMatch4.1\(2\)e1\(1d\)

cisconx_osMatch4.1\(2\)e1\(1e\)

cisconx_osMatch4.1\(2\)e1\(1f\)

cisconx_osMatch4.1\(2\)e1\(1g\)

cisconx_osMatch4.1\(2\)e1\(1h\)

cisconx_osMatch4.1\(2\)e1\(1i\)

cisconx_osMatch4.1\(2\)e1\(1j\)

cisconx_osMatch4.1\(3\)n1\(1\)

cisconx_osMatch4.1\(3\)n1\(1a\)

cisconx_osMatch4.1\(3\)n2\(1\)

cisconx_osMatch4.1\(3\)n2\(1a\)

cisconx_osMatch4.2\(1\)n1\(1\)

cisconx_osMatch4.2\(1\)n2\(1\)

cisconx_osMatch4.2\(1\)n2\(1a\)

cisconx_osMatch5.0\(2\)n1\(1\)

cisconx_osMatch5.0\(2\)n2\(1\)

cisconx_osMatch5.0\(2\)n2\(1a\)

cisconx_osMatch5.0\(3\)n1\(1c\)

cisconx_osMatch5.0\(3\)n2\(1\)

cisconx_osMatch5.0\(3\)n2\(2\)

cisconx_osMatch5.0\(3\)n2\(2a\)

cisconx_osMatch5.0\(3\)n2\(2b\)

cisconx_osMatch5.0\(3\)u1\(1\)

cisconx_osMatch5.0\(3\)u1\(1a\)

cisconx_osMatch5.0\(3\)u1\(1b\)

cisconx_osMatch5.0\(3\)u1\(1d\)

cisconx_osMatch5.0\(3\)u1\(2\)

cisconx_osMatch5.0\(3\)u1\(2a\)

cisconx_osMatch6.0\(1\)

cisconx_osMatch6.0\(2\)

cisconx_osMatch6.0\(3\)

cisconx_osMatch6.0\(4\)

ciscounified_computing_systemMatchany

ciscocg-osMatchany

VendorProductVersionCPE
cisconx_os4.1cpe:2.3:o:cisco:nx_os:4.1:*:*:*:*:*:*:*
cisconx_os5.0cpe:2.3:o:cisco:nx_os:5.0:*:*:*:*:*:*:*
cisconx_os4.2cpe:2.3:o:cisco:nx_os:4.2:*:*:*:*:*:*:*
cisconx_os5.1cpe:2.3:o:cisco:nx_os:5.1:*:*:*:*:*:*:*
cisconx_os5.2cpe:2.3:o:cisco:nx_os:5.2:*:*:*:*:*:*:*
cisconx_os6.1cpe:2.3:o:cisco:nx_os:6.1:*:*:*:*:*:*:*
cisconx_os4.0(0)n1cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n1cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:*:*:*:*:*:*:*
cisconx_os4.0(1a)n2cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:*:*:*:*:*:*:*
cisconx_os4.1(2)e1cpe:2.3:o:cisco:nx_os:4.1\(2\)e1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nx_os	4.1	cpe:2.3:o:cisco:nx_os:4.1:::::::*
cisco	nx_os	5.0	cpe:2.3:o:cisco:nx_os:5.0:::::::*
cisco	nx_os	4.2	cpe:2.3:o:cisco:nx_os:4.2:::::::*
cisco	nx_os	5.1	cpe:2.3:o:cisco:nx_os:5.1:::::::*
cisco	nx_os	5.2	cpe:2.3:o:cisco:nx_os:5.2:::::::*
cisco	nx_os	6.1	cpe:2.3:o:cisco:nx_os:6.1:::::::*
cisco	nx_os	4.0(0)n1	cpe:2.3:o:cisco:nx_os:4.0\(0\)n1:::::::*
cisco	nx_os	4.0(1a)n1	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n1:::::::*
cisco	nx_os	4.0(1a)n2	cpe:2.3:o:cisco:nx_os:4.0\(1a\)n2:::::::*
cisco	nx_os	4.1(2)e1	cpe:2.3:o:cisco:nx_os:4.1\(2\)e1:::::::*