CVE-2013-5556

2013-11-1803:55:06

CWE-264

cisco

web.nvd.nist.gov

cisco

nexus 1000v

switch

privilege escalation

vulnerability

cve-2013-5556

nvd

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

Percentile

16.6%

JSON

The license-installation module on the Cisco Nexus 1000V switch 4.2(1)SV1(5.2b) and earlier for VMware vSphere, Cisco Nexus 1000V switch 5.2(1)SM1(5.1) for Microsoft Hyper-V, and Cisco Virtual Security Gateway 4.2(1)VSG1(1) for Nexus 1000V switches allows local users to gain privileges and execute arbitrary commands via crafted “install all iso” arguments, aka Bug ID CSCui21340.

Affected configurations

Nvd

Node

cisconexus_1000vMatch4.2\(1\)vsg1\(1\)-nexus_1000v

Node

cisconexus_1000vMatch5.2\(1\)sm1\(5.1\)-microsoft_hyper-v

Node

cisconexus_1000vRange≤4.2\(1\)sv1\(5.2b\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)_sv1\(4\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)_sv1\(4a\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)_sv1\(4b\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)sv1\(5.1\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)sv1\(5.1a\)-vmware_vsphere

cisconexus_1000vMatch4.2\(1\)sv1\(5.2\)-vmware_vsphere

VendorProductVersionCPE
cisconexus_1000v4.2(1)vsg1(1)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)vsg1\(1\):-:*:*:*:nexus_1000v:*:*
cisconexus_1000v5.2(1)sm1(5.1)cpe:2.3:h:cisco:nexus_1000v:5.2\(1\)sm1\(5.1\):-:*:*:*:microsoft_hyper-v:*:*
cisconexus_1000v*cpe:2.3:h:cisco:nexus_1000v:*:-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)_sv1(4)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4\):-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)_sv1(4a)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4a\):-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)_sv1(4b)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4b\):-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)sv1(5.1)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.1\):-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)sv1(5.1a)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.1a\):-:*:*:*:vmware_vsphere:*:*
cisconexus_1000v4.2(1)sv1(5.2)cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.2\):-:*:*:*:vmware_vsphere:*:*

Vendor	Product	Version	CPE
cisco	nexus_1000v	4.2(1)vsg1(1)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)vsg1\(1\):-::::nexus_1000v::*
cisco	nexus_1000v	5.2(1)sm1(5.1)	cpe:2.3:h:cisco:nexus_1000v:5.2\(1\)sm1\(5.1\):-::::microsoft_hyper-v::*
cisco	nexus_1000v	*	cpe:2.3:h:cisco:nexus_1000v::-::::vmware_vsphere::
cisco	nexus_1000v	4.2(1)_sv1(4)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4\):-::::vmware_vsphere::*
cisco	nexus_1000v	4.2(1)_sv1(4a)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4a\):-::::vmware_vsphere::*
cisco	nexus_1000v	4.2(1)_sv1(4b)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)_sv1\(4b\):-::::vmware_vsphere::*
cisco	nexus_1000v	4.2(1)sv1(5.1)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.1\):-::::vmware_vsphere::*
cisco	nexus_1000v	4.2(1)sv1(5.1a)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.1a\):-::::vmware_vsphere::*
cisco	nexus_1000v	4.2(1)sv1(5.2)	cpe:2.3:h:cisco:nexus_1000v:4.2\(1\)sv1\(5.2\):-::::vmware_vsphere::*