Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551)

2013-10-1100:00:00

www.tenable.com

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

EPSS

0.002

Percentile

53.2%

JSON

A vulnerability in the Open Network Environment Platform (ONEP) could allow an authenticated, remote attacker to cause the network element to reload.

The vulnerability is due to insufficient pointer validation. An attacker could exploit this vulnerability by sending a crafted packet to an ONEP-enabled network element. Successful exploitation could allow the attacker to cause the network element to reload.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text in this plugin was extracted from Cisco
# Security Notice CVE-2013-1121.  The text itself is copyright (C)
# Cisco.
#

include("compat.inc");

if (description)
{
  script_id(70399);
  script_version("1.5");
  script_cvs_date("Date: 2019/10/29 10:38:39");

  script_cve_id("CVE-2013-5496");
  script_bugtraq_id(62403);
  script_xref(name:"CISCO-BUG-ID", value:"CSCui51551");

  script_name(english:"Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551)");
  script_summary(english:"Checks the NX-OS version.");

  script_set_attribute(attribute:"synopsis", value:"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"A vulnerability in the Open Network Environment Platform (ONEP) could
allow an authenticated, remote attacker to cause the network element
to reload.

The vulnerability is due to insufficient pointer validation. An
attacker could exploit this vulnerability by sending a crafted packet
to an ONEP-enabled network element. Successful exploitation could
allow the attacker to cause the network element to reload.");
  # https://tools.cisco.com/security/center/viewAlert.x?alertId=30795
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f77b5da1");
  script_set_attribute(attribute:"solution", value:"Apply the patch referenced in Cisco bug ID CSCui51551.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/09/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/10/11");

  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc.");
  script_family(english:"CISCO");

  script_dependencies("cisco_nxos_version.nasl");
  script_require_keys("Host/Cisco/NX-OS/Version", "Host/Cisco/NX-OS/Device", "Host/Cisco/NX-OS/Model");

  exit(0);
}

include("audit.inc");
include("cisco_func.inc");

device = get_kb_item_or_exit("Host/Cisco/NX-OS/Device");
model = get_kb_item_or_exit("Host/Cisco/NX-OS/Model");
version = get_kb_item_or_exit("Host/Cisco/NX-OS/Version");

# only affects nexus 3000 series systems
if (device != 'Nexus' || model !~ '^3[0-9][0-9][0-9]([^0-9]|$)') audit(AUDIT_HOST_NOT, "affected");

if (
 version == "6.0(2)U1(1)" ||
 version == "6.0(2)U1(2)"
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Model             : ' + device + ' ' + model +
      '\n  Installed version : ' + version +
      '\n  Fixed version     : 6.0(2)U1(3)' +
      '\n';
    security_warning(port:0, extra:report);
  }
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");