ID
VAR-201405-0475
CVE
CVE-2014-2200
TITLE
Cisco NX-OS Virtual Device Context SSH Remote Privilege Escalation Vulnerability
Trust: 0.9
sources:
CNVD: CNVD-2014-03245 //
BID: 67571
DESCRIPTION
Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629. Cisco NX-OS is a data center-class operating system that embodies modular design, resiliency, and maintainability. Cisco NX-OS is prone to a remote privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID CSCti11629. Cisco NX-OS on Nexus 7000 devices is a set of operating systems run by Cisco on Nexus 7000 series devices. An elevation of privilege vulnerability exists in Cisco NX-OS 5.0 prior to 5.0(5) on Nexus 7000 devices
Trust: 2.52
sources:
NVD: CVE-2014-2200 //
JVNDB: JVNDB-2014-002651 //
CNVD: CNVD-2014-03245 //
BID: 67571 //
VULHUB: VHN-70139
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2014-03245
AFFECTED PRODUCTS
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1a\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1b\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1a\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2a\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1c\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(2b\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n1\(1b\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)n2\(1\) | Trust: 1.6 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(1d\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2c\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2b\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2d\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1e\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1b\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2b\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1d\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u2\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u3\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(2\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u5\(1c\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u4\(1\) | Trust: 1.0 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 5.0\(3\)u1\(2a\) | Trust: 1.0 |
| vendor: | cisco | model: | nexus 7000 10 slot switch | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | nexus 7000 18 slot switch | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | nexus 7000 9 slot switch | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | nexus 7000 series switch | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | nx-os | scope: | lt | version: | 5.0 thats all 5.0(5) | Trust: 0.8 |
| vendor: | cisco | model: | nx-os | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | nx-os for nexus series | scope: | eq | version: | 70000 | Trust: 0.3 |
| vendor: | cisco | model: | nx-os 5.0 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | nx-os 4.2. | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(8) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(6) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(4) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.2(3) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.1.(5) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.1.(4) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.1.(3) | Trust: 0.3 |
| vendor: | cisco | model: | nx-os | scope: | eq | version: | 4.1.(2) | Trust: 0.3 |
sources:
CNVD: CNVD-2014-03245 //
BID: 67571 //
JVNDB: JVNDB-2014-002651 //
CNNVD: CNNVD-201405-478 //
NVD: CVE-2014-2200
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2014-03245 //
VULHUB: VHN-70139 //
JVNDB: JVNDB-2014-002651 //
CNNVD: CNNVD-201405-478 //
NVD: CVE-2014-2200
PROBLEMTYPE DATA
| problemtype: | CWE-264 | Trust: 1.9 |
sources:
VULHUB: VHN-70139 //
JVNDB: JVNDB-2014-002651 //
NVD: CVE-2014-2200
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201405-478
TYPE
permissions and access control
Trust: 0.6
sources:
CNNVD: CNNVD-201405-478
CONFIGURATIONS
sources:
JVNDB: JVNDB-2014-002651
PATCH
| title: | cisco-sa-20140521-nxos | url: | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos | Trust: 0.8 |
| title: | 34245 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=34245 | Trust: 0.8 |
| title: | cisco-sa-20140521-nxos | url: | http://www.cisco.com/cisco/web/support/JP/112/1122/1122585_cisco-sa-20140521-nxos-j.html | Trust: 0.8 |
| title: | Patch for Cisco NX-OS Virtual Device Context SSH Remote Privilege Escalation Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/45866 | Trust: 0.6 |
sources:
CNVD: CNVD-2014-03245 //
JVNDB: JVNDB-2014-002651
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-2200 | Trust: 3.4 |
| db: | BID | id: | 67571 | Trust: 1.0 |
| db: | JVNDB | id: | JVNDB-2014-002651 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201405-478 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2014-03245 | Trust: 0.6 |
| db: | CISCO | id: | 20140521 MULTIPLE VULNERABILITIES IN CISCO NX-OS-BASED PRODUCTS | Trust: 0.6 |
| db: | VULHUB | id: | VHN-70139 | Trust: 0.1 |
sources:
CNVD: CNVD-2014-03245 //
VULHUB: VHN-70139 //
BID: 67571 //
JVNDB: JVNDB-2014-002651 //
CNNVD: CNNVD-201405-478 //
NVD: CVE-2014-2200
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140521-nxos | Trust: 2.6 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2200 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2200 | Trust: 0.8 |
| url: | http://www.cisco.com/en/us/products/ps9494/products_sub_category_home.html | Trust: 0.3 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=34245 | Trust: 0.3 |
sources:
CNVD: CNVD-2014-03245 //
VULHUB: VHN-70139 //
BID: 67571 //
JVNDB: JVNDB-2014-002651 //
CNNVD: CNNVD-201405-478 //
NVD: CVE-2014-2200
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 67571
SOURCES
| db: | CNVD | id: | CNVD-2014-03245 |
| db: | VULHUB | id: | VHN-70139 |
| db: | BID | id: | 67571 |
| db: | JVNDB | id: | JVNDB-2014-002651 |
| db: | CNNVD | id: | CNNVD-201405-478 |
| db: | NVD | id: | CVE-2014-2200 |
LAST UPDATE DATE
2024-11-23T22:02:10.958000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2014-03245 | date: | 2014-05-26T00:00:00 |
| db: | VULHUB | id: | VHN-70139 | date: | 2014-05-27T00:00:00 |
| db: | BID | id: | 67571 | date: | 2014-05-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-002651 | date: | 2014-05-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-478 | date: | 2014-05-28T00:00:00 |
| db: | NVD | id: | CVE-2014-2200 | date: | 2024-11-21T02:05:50.413 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2014-03245 | date: | 2014-05-26T00:00:00 |
| db: | VULHUB | id: | VHN-70139 | date: | 2014-05-26T00:00:00 |
| db: | BID | id: | 67571 | date: | 2014-05-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-002651 | date: | 2014-05-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201405-478 | date: | 2014-05-28T00:00:00 |
| db: | NVD | id: | CVE-2014-2200 | date: | 2014-05-26T00:25:31.720 |