ID

VAR-201304-0263

CVE

CVE-2013-1180

TITLE

Nexus 7000 and MDS 9000 Runs on the device Cisco NX-OS Vulnerable to buffer overflow

DESCRIPTION

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822. Nexus 7000 and MDS 9000 Runs on the device Cisco NX-OS of SNMP There is a buffer overflow vulnerability in the implementation of. Vendors have confirmed this vulnerability CSCtx54822 It is released as.Crafted by remotely authenticated users SNMP Arbitrary code may be executed via a request. The Cisco MDS 9000 is a family of multi-layer intelligent optical channel switches from Cisco. Cisco Nexus is a data center-class switch from Cisco. SNMP is disabled by default and requires administrator configuration before it can be used. Since SNMP is mainly based on the UDP protocol, it can be utilized without completing the TCP three-way handshake, and the attack can be performed by forging the source. The attacker needs to know the public strings of SNMP V1 and V1 to exploit this vulnerability. An SNMP V3 device is configured. The attacker needs a valid username and password for use. Multiple Cisco NX-OS-Based products are prone to a buffer-overflow vulnerability. This issue is being tracked by Cisco Bug ID CSCtx54822. Attackers can exploit this issue to execute arbitrary code with elevated privileges. Failed exploit attempts will result in denial-of-service conditions

IOT TAXONOMY

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer overflow

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Cisco

SOURCES

LAST UPDATE DATE

2024-11-23T22:39:05.549000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE