Details of VAR-201304-0264

ID

VAR-201304-0264

CVE

CVE-2013-1181

TITLE

plural Cisco Run on product Cisco NX-OS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002471

DESCRIPTION

Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389. plural Cisco Run on product Cisco NX-OS There is a service disruption ( Device reload ) There are vulnerabilities that are put into a state. The Cisco Unified Computing System simplifies IT management and increases flexibility by consolidating unified computing, networking, storage access, and virtualization into one system. Cisco Nexus is a data center-class switch from Cisco. This vulnerability is not triggered by oversized messages that pass through the device switch fabric. Multiple Cisco NX-OS-Based products are prone to a remote denial-of-service vulnerability. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCtx17544, CSCts10593, and CSCtx95389

Trust: 2.52

sources: NVD: CVE-2013-1181 // JVNDB: JVNDB-2013-002471 // CNVD: CNVD-2013-04353 // BID: 59458 // VULHUB: VHN-61183

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-04353

AFFECTED PRODUCTS

vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1n\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1o\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(1j\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.1\(1m\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(1m\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.2\(1d\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1m\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1c\)	Trust: 1.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.0\(2k\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3c\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nexus 5548p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1p\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nexus 3064t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	lte	version:	2.0\(1t\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nexus 3064x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3i\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3m\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nexus 5596up	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4g\)	Trust: 1.0
vendor:	cisco	model:	nexus 5548up	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3u\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1q\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3y\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1t\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1w\)	Trust: 1.0
vendor:	cisco	model:	nexus 3548	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2.\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nexus 3016q	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nexus 3048	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4j\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	unified computing system 6296up fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4i\)	Trust: 1.0
vendor:	cisco	model:	unified computing system 6248up fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3l\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1y\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3q\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1q\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4k\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nexus 3048 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0(3)n2(2)	Trust: 0.8
vendor:	cisco	model:	ucs 6248up 48 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs infrastructure and ucs manager software	scope:	eq	version:	2.0(1w)	Trust: 0.8
vendor:	cisco	model:	nexus 5548p switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0(3)u3(2)	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.x ( cisco nexus 5500 series )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	5.x ( cisco nexus 3000 series )	Trust: 0.8
vendor:	cisco	model:	nexus 3064-x switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3064-t switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3548 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs 6296up 96 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 5548up switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs infrastructure and ucs manager software	scope:	lt	version:	( cisco ucs 6200 series )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	5.x ( cisco nexus 5500 series )	Trust: 0.8
vendor:	cisco	model:	nexus 5596up switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3016q switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	unified computing system	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	5500	Trust: 0.6
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1t\)	Trust: 0.6

sources: CNVD: CNVD-2013-04353 // JVNDB: JVNDB-2013-002471 // CNNVD: CNNVD-201304-521 // NVD: CVE-2013-1181

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1181
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-1181
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-04353
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201304-521
value:	HIGH
Trust: 0.6
VULHUB:	VHN-61183
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-1181
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-04353
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-61183
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-04353 // VULHUB: VHN-61183 // JVNDB: JVNDB-2013-002471 // CNNVD: CNNVD-201304-521 // NVD: CVE-2013-1181

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-61183 // JVNDB: JVNDB-2013-002471 // NVD: CVE-2013-1181

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-521

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201304-521

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002471

PATCH

title:	cisco-sa-20130424-nxosmulti	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti	Trust: 0.8
title:	29024	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=29024	Trust: 0.8
title:	28737	url:	http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=28737	Trust: 0.8
title:	cisco-sa-20130424-nxosmulti	url:	http://www.cisco.com/cisco/web/support/JP/111/1117/1117910_cisco-sa-20130424-nxosmulti-j.html	Trust: 0.8
title:	Patch for multiple Cisco product Jumbo packet denial of service vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/33666	Trust: 0.6

sources: CNVD: CNVD-2013-04353 // JVNDB: JVNDB-2013-002471

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1181	Trust: 3.4
db:	BID	id:	59458	Trust: 1.6
db:	JVNDB	id:	JVNDB-2013-002471	Trust: 0.8
db:	CNNVD	id:	CNNVD-201304-521	Trust: 0.7
db:	CNVD	id:	CNVD-2013-04353	Trust: 0.6
db:	CISCO	id:	20130424 MULTIPLE VULNERABILITIES IN CISCO NX-OS-BASED PRODUCTS	Trust: 0.6
db:	SECUNIA	id:	53189	Trust: 0.6
db:	VULHUB	id:	VHN-61183	Trust: 0.1

sources: CNVD: CNVD-2013-04353 // VULHUB: VHN-61183 // BID: 59458 // JVNDB: JVNDB-2013-002471 // CNNVD: CNNVD-201304-521 // NVD: CVE-2013-1181

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130424-nxosmulti	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1181	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1181	Trust: 0.8
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=29024	Trust: 0.6
url:	http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=csctx17544	Trust: 0.6
url:	http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=cscts10593	Trust: 0.6
url:	http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails&bugid=csctx95389	Trust: 0.6
url:	http://secunia.com/advisories/53189	Trust: 0.6
url:	http://www.securityfocus.com/bid/59458	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3

sources: CNVD: CNVD-2013-04353 // VULHUB: VHN-61183 // BID: 59458 // JVNDB: JVNDB-2013-002471 // CNNVD: CNNVD-201304-521 // NVD: CVE-2013-1181

CREDITS

Cisco

Trust: 0.9

sources: BID: 59458 // CNNVD: CNNVD-201304-521

SOURCES

db:	CNVD	id:	CNVD-2013-04353
db:	VULHUB	id:	VHN-61183
db:	BID	id:	59458
db:	JVNDB	id:	JVNDB-2013-002471
db:	CNNVD	id:	CNNVD-201304-521
db:	NVD	id:	CVE-2013-1181

LAST UPDATE DATE

2024-11-23T22:39:05.513000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-04353	date:	2013-04-27T00:00:00
db:	VULHUB	id:	VHN-61183	date:	2018-10-30T00:00:00
db:	BID	id:	59458	date:	2013-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2013-002471	date:	2013-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201304-521	date:	2013-04-26T00:00:00
db:	NVD	id:	CVE-2013-1181	date:	2024-11-21T01:49:03.803

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-04353	date:	2013-04-27T00:00:00
db:	VULHUB	id:	VHN-61183	date:	2013-04-25T00:00:00
db:	BID	id:	59458	date:	2013-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2013-002471	date:	2013-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201304-521	date:	2013-04-25T00:00:00
db:	NVD	id:	CVE-2013-1181	date:	2013-04-25T10:55:01.663