Sign-up

ID

VAR-201405-0476


CVE

CVE-2014-2201


TITLE

Cisco MDS 9000 Device and Nexus 7000 Runs on the device Cisco NX-OS of MTS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-002652

DESCRIPTION

The Message Transfer Service (MTS) in Cisco NX-OS before 6.2(7) on MDS 9000 devices and 6.0 before 6.0(2) on Nexus 7000 devices allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a large volume of crafted traffic, aka Bug ID CSCtw98915. Vendors have confirmed this vulnerability Bug ID CSCtw98915 It is released as.By a third party Through heavy traffic, (NULL Pointer dereference and kernel panic ) There is a possibility of being put into a state. Cisco NX-OS is a data center-class operating system that embodies modular design, resiliency, and maintainability. This vulnerability is caused by a null pointer indirect reference that occurs when the affected device is under heavy load. The kernel crashes. Cisco NX-OS is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to cause denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCtw98915. Both Cisco NX-OS on MDS 9000 devices and on Nexus 7000 devices are operating systems of Cisco. The former runs on MDS 9000 series devices; the latter runs on Nexus 7000 series devices

Trust: 2.52

sources: NVD: CVE-2014-2201 // JVNDB: JVNDB-2014-002652 // CNVD: CNVD-2014-03251 // BID: 67578 // VULHUB: VHN-70140

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-03251

AFFECTED PRODUCTS

vendor:ciscomodel:mds nx-os software 4.2scope:eqversion:9000

Trust: 2.1

vendor:ciscomodel:nx-osscope:eqversion:6.2\(3n\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.0\(1\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(3\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(1n\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(1\)

Trust: 1.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(5\)

Trust: 1.6

vendor:ciscomodel:mds nx-os software 5.2scope:eqversion:9000

Trust: 1.2

vendor:ciscomodel:mds nx-os software 5.0scope:eqversion:9000

Trust: 1.2

vendor:ciscomodel:nx-osscope:lteversion:6.2\(5a\)

Trust: 1.0

vendor:ciscomodel:mds 9000scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:nexus 7000 10-slotscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:nexus 7000scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:nexus 7000 18-slotscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:nexus 7000 9-slotscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:mds 9100scope:eqversion: -

Trust: 1.0

vendor:ciscomodel:mds nx-os software 4.1scope:eqversion:9000

Trust: 0.9

vendor:ciscomodel:mds 9000 seriesscope:ltversion:software 6.2(7)

Trust: 0.8

vendor:ciscomodel:mds 9100 seriesscope:ltversion:software 6.2(7)

Trust: 0.8

vendor:ciscomodel:nexus 7000 10 slot switchscope:ltversion:software 6.0 thats all 6.0(2)

Trust: 0.8

vendor:ciscomodel:nexus 7000 18 slot switchscope:ltversion:software 6.0 thats all 6.0(2)

Trust: 0.8

vendor:ciscomodel:nexus 7000 9 slot switchscope:ltversion:software 6.0 thats all 6.0(2)

Trust: 0.8

vendor:ciscomodel:nexus 7000 series switchscope:ltversion:software 6.0 thats all 6.0(2)

Trust: 0.8

vendor:ciscomodel:nx-osscope:ltversion:6.0 thats all 6.2(7)

Trust: 0.8

vendor:ciscomodel:nx-osscope:eqversion:4.2(4)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2(3)

Trust: 0.6

vendor:ciscomodel:nx-osscope: - version: -

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:4.2(6)

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:6.2\(5a\)

Trust: 0.6

vendor:ciscomodel:nexusscope:eqversion:70005.2(9)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.2(7)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.2(5)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.2(4)

Trust: 0.3

vendor:ciscomodel:nexus 5.2scope:eqversion:7000

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.2(1)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(x)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(6)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(5)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(4)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(3)

Trust: 0.3

vendor:ciscomodel:nexus 5.1scope:eqversion:7000

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.1(1)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.0(5)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70005.0(3)

Trust: 0.3

vendor:ciscomodel:nexus 5.0scope:eqversion:7000

Trust: 0.3

vendor:ciscomodel:nexus 4.2.scope:eqversion:7000

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.2(8)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.2(6)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.2(4)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.2(3)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.1.(5)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.1.(4)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.1.(3)

Trust: 0.3

vendor:ciscomodel:nexusscope:eqversion:70004.1.(2)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.2(8)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.2(6)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.2(2)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.2(1)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.0(7)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90005.0(4)

Trust: 0.3

vendor:ciscomodel:mds nx-os softwarescope:eqversion:90004.2(5)

Trust: 0.3

sources: CNVD: CNVD-2014-03251 // BID: 67578 // JVNDB: JVNDB-2014-002652 // CNNVD: CNNVD-201405-479 // NVD: CVE-2014-2201

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2201
value: HIGH

Trust: 1.0

NVD: CVE-2014-2201
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-03251
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201405-479
value: HIGH

Trust: 0.6

VULHUB: VHN-70140
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-2201
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-03251
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-70140
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-03251 // VULHUB: VHN-70140 // JVNDB: JVNDB-2014-002652 // CNNVD: CNNVD-201405-479 // NVD: CVE-2014-2201

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-002652 // NVD: CVE-2014-2201

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201405-479

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 67578

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002652

PATCH
title:cisco-sa-20140521-nxosurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos
Trust: 0.8
title:34248url:http://tools.cisco.com/security/center/viewAlert.x?alertId=34248
Trust: 0.8
title:cisco-sa-20140521-nxosurl:http://www.cisco.com/cisco/web/support/JP/112/1122/1122585_cisco-sa-20140521-nxos-j.html
Trust: 0.8
title:Patch for Cisco NX-OS MTS Service Remote Denial of Service Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/45871
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-03251 // 
            
            
            
            JVNDB: JVNDB-2014-002652

EXTERNAL IDS
db:NVDid:CVE-2014-2201
Trust: 3.4
db:BIDid:67578
Trust: 1.0
db:JVNDBid:JVNDB-2014-002652
Trust: 0.8
db:CNNVDid:CNNVD-201405-479
Trust: 0.7
db:SECUNIAid:58853
Trust: 0.6
db:CNVDid:CNVD-2014-03251
Trust: 0.6
db:CISCOid:20140521 MULTIPLE VULNERABILITIES IN CISCO NX-OS-BASED PRODUCTS
Trust: 0.6
db:VULHUBid:VHN-70140
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-03251 // 
            
            
            
            VULHUB: VHN-70140 // 
            
            
            
            BID: 67578 // 
            
            
            
            JVNDB: JVNDB-2014-002652 // 
            
            
            
            CNNVD: CNNVD-201405-479 // 
            
            
            
            NVD: CVE-2014-2201

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140521-nxos
Trust: 2.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2201
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2201
Trust: 0.8
url:http://secunia.com/advisories/58853/
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://www.cisco.com/en/us/products/ps9494/products_sub_category_home.html
Trust: 0.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=34248
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-03251 // 
            
            
            
            VULHUB: VHN-70140 // 
            
            
            
            BID: 67578 // 
            
            
            
            JVNDB: JVNDB-2014-002652 // 
            
            
            
            CNNVD: CNNVD-201405-479 // 
            
            
            
            NVD: CVE-2014-2201

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 67578

SOURCES
db:CNVDid:CNVD-2014-03251
db:VULHUBid:VHN-70140
db:BIDid:67578
db:JVNDBid:JVNDB-2014-002652
db:CNNVDid:CNNVD-201405-479
db:NVDid:CVE-2014-2201

LAST UPDATE DATE
2024-11-23T22:02:10.924000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-03251date:2014-05-26T00:00:00
db:VULHUBid:VHN-70140date:2014-05-27T00:00:00
db:BIDid:67578date:2014-05-21T00:00:00
db:JVNDBid:JVNDB-2014-002652date:2014-05-28T00:00:00
db:CNNVDid:CNNVD-201405-479date:2014-05-28T00:00:00
db:NVDid:CVE-2014-2201date:2024-11-21T02:05:50.537

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-03251date:2014-05-26T00:00:00
db:VULHUBid:VHN-70140date:2014-05-26T00:00:00
db:BIDid:67578date:2014-05-21T00:00:00
db:JVNDBid:JVNDB-2014-002652date:2014-05-28T00:00:00
db:CNNVDid:CNNVD-201405-479date:2014-05-28T00:00:00
db:NVDid:CVE-2014-2201date:2014-05-26T00:25:31.767