Details of VAR-201304-0277

ID

VAR-201304-0277

CVE

CVE-2013-1178

TITLE

plural Cisco Run on product Cisco NX-OS of CDP Implementation buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2013-002468

DESCRIPTION

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275. plural CISCO Run on product Cisco NX-OS of Cisco Discovery Protocol (CDP) There is a buffer overflow vulnerability in the implementation of. Vendors have confirmed this vulnerability Bug IDs CSCtu10630 , CSCtu10551 , CSCtu10550 , CSCtw56581 , CSCtu10548 , CSCtu10544 ,and CSCuf61275 It is released as.Malformed by a third party CDP An arbitrary code may be executed via a packet. The Cisco MDS 9000 is a family of multi-layer intelligent optical channel switches from Cisco. Cisco Nexus is a data center-class switch from Cisco. The Cisco Unified Computing System simplifies IT management and increases flexibility by consolidating unified computing, networking, storage access, and virtualization into one system. The Cisco Connected Grid Router is a router dedicated to smart grid-related devices. The vulnerability is caused by the malformed CDP packet being processed incorrectly. The vulnerability can be triggered by an attacker submitting a malformed CDP packet to the affected device. Since CDP works at the data link layer, an attacker must send an Ethernet frame directly to the affected device to exploit this vulnerability. Multiple Cisco NX-OS-Based products are prone to multiple remote buffer-overflow vulnerabilities because they fail to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the elevated privileges. Failed exploit attempts will result in a denial-of-service condition. These issues being tracked by Cisco Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275

Trust: 2.52

sources: NVD: CVE-2013-1178 // JVNDB: JVNDB-2013-002468 // CNVD: CNVD-2013-04354 // BID: 59452 // VULHUB: VHN-61180

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-04354

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1a\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n1\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1c\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n1\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3d\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	lte	version:	2.0\(1x\)	Trust: 1.0
vendor:	cisco	model:	nexus 4001i	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3a\)	Trust: 1.0
vendor:	cisco	model:	nexus 5010	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3c\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nexus 5000	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)	Trust: 1.0
vendor:	cisco	model:	nexus 5548p	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nexus 7000	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system 6120xp fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(2\)	Trust: 1.0
vendor:	cisco	model:	nexus 7000 9-slot	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	cg-os	scope:	lte	version:	cg4	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.2	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3s\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nexus 3000	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1p\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1n\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nexus 3064t	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(1m\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2b\)	Trust: 1.0
vendor:	cisco	model:	cg-os	scope:	eq	version:	cg3	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nexus 3064x	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3i\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3m\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(3\)	Trust: 1.0
vendor:	cisco	model:	nexus 1000v	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nexus 7000 10-slot	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(5\)	Trust: 1.0
vendor:	cisco	model:	nexus 5596up	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4g\)	Trust: 1.0
vendor:	cisco	model:	nexus 5548up	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3u\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1q\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.1	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3y\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1t\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(3a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.0	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(3\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(2\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1w\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1t\)	Trust: 1.0
vendor:	cisco	model:	nexus 3548	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2.\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.0\(2k\)	Trust: 1.0
vendor:	cisco	model:	nexus 3016q	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nexus 3048	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	2.0\(1w\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1m\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4j\)	Trust: 1.0
vendor:	cisco	model:	unified computing system 6296up fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.1\(1m\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(8\)	Trust: 1.0
vendor:	cisco	model:	nexus 7000 18-slot	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4i\)	Trust: 1.0
vendor:	cisco	model:	unified computing system 6248up fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	lte	version:	4.1.\(2\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(1j\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3l\)	Trust: 1.0
vendor:	cisco	model:	unified computing system 6140xp fabric interconnect	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4a\)	Trust: 1.0
vendor:	cisco	model:	cg-os	scope:	eq	version:	cg1	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3\)	Trust: 1.0
vendor:	cisco	model:	connected grid router 1000	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1y\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1o\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(3q\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.2\(1a\)	Trust: 1.0
vendor:	cisco	model:	mds 9000	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.2\(1d\)	Trust: 1.0
vendor:	cisco	model:	nexus 5020	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.3\(1q\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified computing system infrastructure and unified computing system software	scope:	eq	version:	1.4\(4k\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(4\)	Trust: 1.0
vendor:	cisco	model:	cg-os	scope:	eq	version:	cg2	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(4\)	Trust: 1.0
vendor:	cisco	model:	connected grid router series cg3	scope:	eq	version:	1000	Trust: 0.9
vendor:	cisco	model:	nexus 3000 series switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3048 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000 series switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs infrastructure and ucs manager software	scope:	eq	version:	6100 series )	Trust: 0.8
vendor:	cisco	model:	nexus 5548p switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	cisco mds 9000 series )	Trust: 0.8
vendor:	cisco	model:	nexus 7000 9 slot switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3064-t switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs 6120xp-20 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs infrastructure and ucs manager software	scope:	eq	version:	2.0(2m)	Trust: 0.8
vendor:	cisco	model:	ucs 6140xp-40 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	3000 series )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	( cisco nexus 4000)	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	6.x ( cisco nexus 7000 series )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2(4)	Trust: 0.8
vendor:	cisco	model:	mds 9000 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	cg-os	scope:	lt	version:	( cisco 1000 series)	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	5.x ( cisco nexus 5500	Trust: 0.8
vendor:	cisco	model:	1000 series connected grid router	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ucs 6296up 96 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0(3)u3(1)	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2(1)sv1(5.1)	Trust: 0.8
vendor:	cisco	model:	cg-os	scope:	eq	version:	cg4(1)	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5000 series )	Trust: 0.8
vendor:	cisco	model:	nexus 5020 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5500	Trust: 0.8
vendor:	cisco	model:	ucs 6248up 48 port fabric interconnect	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1(2)e1(1h)	Trust: 0.8
vendor:	cisco	model:	ucs infrastructure and ucs manager software	scope:	lt	version:	( cisco ucs 6200	Trust: 0.8
vendor:	cisco	model:	nexus 5010 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000 10 slot switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3548 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000 18 slot switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 4001i switch module for ibm bladecenter	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1(1)	Trust: 0.8
vendor:	cisco	model:	nexus 5596up switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1(3)n1(1)	Trust: 0.8
vendor:	cisco	model:	nexus 5000 series switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.x ( cisco nexus 7000	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	5.x ( cisco nexus 4000	Trust: 0.8
vendor:	cisco	model:	nexus 3064-x switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 1000v switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 5548up switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	4.x ( cisco nexus 1000v series )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	lt	version:	5.x ( cisco nexus 7000 series	Trust: 0.8
vendor:	cisco	model:	nexus 3016q switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5000 series	Trust: 0.8
vendor:	cisco	model:	mds	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	1000v	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	4000	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	5000	Trust: 0.6
vendor:	cisco	model:	nexus	scope:	eq	version:	7000	Trust: 0.6
vendor:	cisco	model:	connected grid router series	scope:	eq	version:	1000	Trust: 0.6
vendor:	cisco	model:	unified computing system	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	nexus 5.0 u2	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus 5.0 u1	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	connected grid router series cg1	scope:	eq	version:	1000	Trust: 0.6
vendor:	cisco	model:	unified computing system	scope:	eq	version:	1.3(x)	Trust: 0.3
vendor:	cisco	model:	unified computing system	scope:	eq	version:	1.2(x)	Trust: 0.3
vendor:	cisco	model:	unified computing system	scope:	eq	version:	1.1(x)	Trust: 0.3
vendor:	cisco	model:	unified computing system	scope:	eq	version:	1.0(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70006.0(x)	Trust: 0.3
vendor:	cisco	model:	nexus 5.2	scope:	eq	version:	7000	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70005.1(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70005.0(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70004.2(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	70004.1(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	50005.0(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	50004.2(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	50004.1(x)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	50004.0(x)	Trust: 0.3
vendor:	cisco	model:	nexus 4.1 e1	scope:	eq	version:	4000	Trust: 0.3
vendor:	cisco	model:	nexus 4.2 sv1	scope:	eq	version:	1000v	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	eq	version:	1000v4.0(x)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90005.2(3)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90005.0(x)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90004.2(x)	Trust: 0.3
vendor:	cisco	model:	mds	scope:	eq	version:	90004.1(x)	Trust: 0.3
vendor:	cisco	model:	unified computing system 2.1.1e	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	ne	version:	70006.1(1)	Trust: 0.3
vendor:	cisco	model:	nexus	scope:	ne	version:	70005.2(9)	Trust: 0.3
vendor:	cisco	model:	nexus 5.2 n1	scope:	ne	version:	5000	Trust: 0.3
vendor:	cisco	model:	nexus 4.1 e1	scope:	ne	version:	4000	Trust: 0.3
vendor:	cisco	model:	nexus 5.0 u5	scope:	ne	version:	3000	Trust: 0.3
vendor:	cisco	model:	nexus 4.2 sv2	scope:	ne	version:	1000v	Trust: 0.3
vendor:	cisco	model:	mds	scope:	ne	version:	90005.2(8)	Trust: 0.3
vendor:	cisco	model:	connected grid router series cg4	scope:	ne	version:	1000	Trust: 0.3

sources: CNVD: CNVD-2013-04354 // BID: 59452 // JVNDB: JVNDB-2013-002468 // CNNVD: CNNVD-201304-529 // NVD: CVE-2013-1178

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1178
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-1178
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-04354
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201304-529
value:	HIGH
Trust: 0.6
VULHUB:	VHN-61180
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-1178
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-04354
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-61180
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2013-04354 // VULHUB: VHN-61180 // JVNDB: JVNDB-2013-002468 // CNNVD: CNNVD-201304-529 // NVD: CVE-2013-1178

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-61180 // JVNDB: JVNDB-2013-002468 // NVD: CVE-2013-1178

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201304-529

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201304-529

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002468

PATCH

title:	cisco-sa-20130424-nxosmulti	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti	Trust: 0.8
title:	29021	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=29021	Trust: 0.8
title:	28737	url:	http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=28737	Trust: 0.8
title:	cisco-sa-20130424-nxosmulti	url:	http://www.cisco.com/cisco/web/support/JP/111/1117/1117910_cisco-sa-20130424-nxosmulti-j.html	Trust: 0.8
title:	Patch for Multiple Cisco Product CDP Subsystem Buffer Overflow Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/33667	Trust: 0.6

sources: CNVD: CNVD-2013-04354 // JVNDB: JVNDB-2013-002468

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1178	Trust: 3.4
db:	BID	id:	59452	Trust: 1.6
db:	JVNDB	id:	JVNDB-2013-002468	Trust: 0.8
db:	CNNVD	id:	CNNVD-201304-529	Trust: 0.7
db:	CNVD	id:	CNVD-2013-04354	Trust: 0.6
db:	CISCO	id:	20130424 MULTIPLE VULNERABILITIES IN CISCO NX-OS-BASED PRODUCTS	Trust: 0.6
db:	SECUNIA	id:	53189	Trust: 0.6
db:	VULHUB	id:	VHN-61180	Trust: 0.1

sources: CNVD: CNVD-2013-04354 // VULHUB: VHN-61180 // BID: 59452 // JVNDB: JVNDB-2013-002468 // CNNVD: CNNVD-201304-529 // NVD: CVE-2013-1178

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130424-nxosmulti	Trust: 2.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1178	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1178	Trust: 0.8
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=29021	Trust: 0.6
url:	http://secunia.com/advisories/53189	Trust: 0.6
url:	http://www.securityfocus.com/bid/59452	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2013-04354 // VULHUB: VHN-61180 // BID: 59452 // JVNDB: JVNDB-2013-002468 // CNNVD: CNNVD-201304-529 // NVD: CVE-2013-1178

CREDITS

Cisco

Trust: 0.9

sources: BID: 59452 // CNNVD: CNNVD-201304-529

SOURCES

db:	CNVD	id:	CNVD-2013-04354
db:	VULHUB	id:	VHN-61180
db:	BID	id:	59452
db:	JVNDB	id:	JVNDB-2013-002468
db:	CNNVD	id:	CNNVD-201304-529
db:	NVD	id:	CVE-2013-1178

LAST UPDATE DATE

2024-11-23T22:39:05.443000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-04354	date:	2013-05-25T00:00:00
db:	VULHUB	id:	VHN-61180	date:	2013-04-25T00:00:00
db:	BID	id:	59452	date:	2013-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2013-002468	date:	2013-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201304-529	date:	2013-04-26T00:00:00
db:	NVD	id:	CVE-2013-1178	date:	2024-11-21T01:49:03.347

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-04354	date:	2013-04-27T00:00:00
db:	VULHUB	id:	VHN-61180	date:	2013-04-25T00:00:00
db:	BID	id:	59452	date:	2013-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2013-002468	date:	2013-04-26T00:00:00
db:	CNNVD	id:	CNNVD-201304-529	date:	2013-04-25T00:00:00
db:	NVD	id:	CVE-2013-1178	date:	2013-04-25T10:55:01.570