ID
VAR-201405-0356
CVE
CVE-2014-3261
TITLE
Cisco Multiple NX-OS Products Smart Call Home Feature Buffer Overflow Vulnerability
Trust: 0.9
DESCRIPTION
Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322. Vendors have confirmed this vulnerability Bug ID CSCtk00695 , CSCts56633 , CSCts56632 , CSCts56628 , CSCug14405 ,and CSCuf61322 It is released as.Remote SMTP The server could execute arbitrary code via a crafted reply. Cisco NX-OS is a data center-class operating system that embodies modular design, resiliency, and maintainability. Cisco multiple NX-OS products are prone to a buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary commands with elevated privileges. Failed exploit attempts will result in denial-of-service conditions. This issue is being tracked by Cisco Bug IDs CSCts56633, CSCts56632, CSCts56628, CSCug14405, CSCtk00695 and CSCuf61322
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2c\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2a\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(1\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2a\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2b\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2b\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1e\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2d\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | - | version: | - | Trust: 1.4 |
| vendor: | cisco | model: | nexus 5020p switch | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | cgr 1120 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\) | Trust: 1.0 |
| vendor: | cisco | model: | cg-os | scope: | eq | version: | cg4\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 3064t | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.1\(3\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.1.\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.2 | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.2\(3\) | Trust: 1.0 |
| vendor: | cisco | model: | unified computing system 6120xp fabric interconnect | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(2\)n2\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | cg-os | scope: | eq | version: | cg4 | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1b\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0 | Trust: 1.0 |
| vendor: | cisco | model: | nexus 7000 9-slot | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.2\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1c\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5000 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | unified computing system 6296up fabric interconnect | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | unified computing system 6140xp fabric interconnect | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.1\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5020 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.1\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 3048 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nexus 4001i | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1d\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1d\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5010p switch | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nexus 3016q | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nexus 3064x | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5010 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(5\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 7000 10-slot | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | unified computing system infrastructure and unified computing system software | scope: | eq | version: | 1.4\(1j\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.1\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | unified computing system 6248up fabric interconnect | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2b\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5548up | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1b\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5548p | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1b\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5596up | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | cgr 1240 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1c\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 3548 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(2\)n1\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u4\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(2\)n2\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 7000 | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nexus 7000 18-slot | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.1 | Trust: 1.0 |
| vendor: | cisco | model: | nexus 5548up switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5010p switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5596up switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5010p switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5020 switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5548p switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5020 switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5020p switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5000 series switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5020p switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5548p switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5000 series switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5010 switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5010 switch | scope: | lt | version: | 5.x | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5596up switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nexus 5548up switch | scope: | eq | version: | software 5.1(3)n1(1) | Trust: 0.8 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(4) | Trust: 0.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(3) | Trust: 0.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(6) | Trust: 0.6 |
| vendor: | cisco | model: | unified computing system fabric interconnects | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os ucs | scope: | eq | version: | 62000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os ucs | scope: | eq | version: | 61000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 90000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 70000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 60000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 50000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 40000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | eq | version: | 30000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os mds | scope: | eq | version: | 90000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os for nexus series | scope: | eq | version: | 70000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os for nexus series | scope: | eq | version: | 50000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os for nexus series | scope: | eq | version: | 40000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os for nexus series | scope: | eq | version: | 30000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os cgr | scope: | eq | version: | 10000 | Trust: 0.3 |
| vendor: | cisco | model: | connected grid router series cg-os | scope: | eq | version: | 1000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os ucs 2.2 | scope: | ne | version: | 6200 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os ucs 2.2 | scope: | ne | version: | 6100 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus | scope: | ne | version: | 70006.2(8) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 7.0 n1 | scope: | ne | version: | 5000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 6.0 n2 | scope: | ne | version: | 5000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 5.2 n1 | scope: | ne | version: | 5000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 4.1 e1 | scope: | ne | version: | 4000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 6.0 u2 | scope: | ne | version: | 3000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os nexus 5.0 u5 | scope: | ne | version: | 3000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os mds | scope: | ne | version: | 90006.2(7) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os cgr cg4 | scope: | ne | version: | 1000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os cgr 15.4 cg | scope: | ne | version: | 1000 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-119 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
buffer overflow
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | cisco-sa-20140521-nxos | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos | Trust: 0.8 |
| title: | 34247 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=34247 | Trust: 0.8 |
| title: | cisco-sa-20140521-nxos | url: | http://www.cisco.com/cisco/web/support/JP/112/1122/1122585_cisco-sa-20140521-nxos-j.html | Trust: 0.8 |
| title: | Patch for multiple NX-OS Products Smart Call Home Feature Buffer Overflow Vulnerabilities | url: | https://www.cnvd.org.cn/patchInfo/show/45867 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-3261 | Trust: 3.4 |
| db: | BID | id: | 67575 | Trust: 1.0 |
| db: | JVNDB | id: | JVNDB-2014-002654 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201405-482 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2014-03244 | Trust: 0.6 |
| db: | CISCO | id: | 20140521 MULTIPLE VULNERABILITIES IN CISCO NX-OS-BASED PRODUCTS | Trust: 0.6 |
| db: | VULHUB | id: | VHN-71201 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140521-nxos | Trust: 2.6 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3261 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3261 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/en/us/products/ps9494/products_sub_category_home.html | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2014-03244 |
| db: | VULHUB | id: | VHN-71201 |
| db: | BID | id: | 67575 |
| db: | JVNDB | id: | JVNDB-2014-002654 |
| db: | CNNVD | id: | CNNVD-201405-482 |
| db: | NVD | id: | CVE-2014-3261 |
LAST UPDATE DATE
2024-11-23T22:02:10.889000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2014-03244 | date: | 2014-05-26T00:00:00 |
| db: | VULHUB | id: | VHN-71201 | date: | 2018-10-30T00:00:00 |
| db: | BID | id: | 67575 | date: | 2014-05-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-002654 | date: | 2014-05-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-482 | date: | 2014-05-28T00:00:00 |
| db: | NVD | id: | CVE-2014-3261 | date: | 2024-11-21T02:07:44.867 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2014-03244 | date: | 2014-05-26T00:00:00 |
| db: | VULHUB | id: | VHN-71201 | date: | 2014-05-26T00:00:00 |
| db: | BID | id: | 67575 | date: | 2014-05-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-002654 | date: | 2014-05-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-482 | date: | 2014-05-28T00:00:00 |
| db: | NVD | id: | CVE-2014-3261 | date: | 2014-05-26T00:25:32.220 |