Vulnerabilites related to cisco - ucs_6296up
cve-2018-0311
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.129Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0311", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:43:38.619660Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:32.415Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0311", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0311", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:32.415Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3120
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Version: unspecified < 2.3.1.173 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.647Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3120", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:29:31.395421Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:42:14.893Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS XR Software", vendor: "Cisco", versions: [ { lessThan: "2.3.1.173", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-05T18:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-05T16:00:00-0800", ID: "CVE-2020-3120", STATE: "PUBLIC", TITLE: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS XR Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "2.3.1.173", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, ], }, references: { reference_data: [ { name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], }, source: { advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos", defect: [ [ "CSCvr14976", "CSCvr15024", "CSCvr15072", "CSCvr15073", "CSCvr15078", "CSCvr15079", "CSCvr15082", "CSCvr15083", "CSCvr15111", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3120", datePublished: "2020-02-05T17:50:18.427416Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:42:14.893Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0310
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.282Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0310", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:45:33.591091Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:46.193Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0310", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0310", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:46.193Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1790
Vulnerability from cvelistv5
Published
2019-05-15 20:05
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108383 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.802Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790", }, { name: "108383", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108383", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1790", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:42.195367Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:35.731Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-20T14:06:09", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790", }, { name: "108383", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108383", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1790", defect: [ [ "CSCvh20096", "CSCvh20112", "CSCvi96504", "CSCvi96509", "CSCvi96510", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1790", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1790)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790", }, { name: "108383", refsource: "BID", url: "http://www.securityfocus.com/bid/108383", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1790", defect: [ [ "CSCvh20096", "CSCvh20112", "CSCvi96504", "CSCvi96509", "CSCvi96510", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1790", datePublished: "2019-05-15T20:05:14.522885Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:35.731Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-20625
Vulnerability from cvelistv5
Published
2022-02-23 17:40
Modified
2024-11-06 16:29
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:17:52.933Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-20625", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-06T15:59:11.678425Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T16:29:50.135Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2022-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-23T17:40:15", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], source: { advisory: "cisco-sa-cdp-dos-G8DPLWYG", defect: [ [ "CSCvz72442", "CSCvz72462", "CSCvz72463", "CSCvz72464", "CSCvz72465", "CSCvz72466", "CSCvz72467", "CSCvz74433", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2022-02-23T16:00:00", ID: "CVE-2022-20625", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "20220223 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Service Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], }, source: { advisory: "cisco-sa-cdp-dos-G8DPLWYG", defect: [ [ "CSCvz72442", "CSCvz72462", "CSCvz72463", "CSCvz72464", "CSCvz72465", "CSCvz72466", "CSCvz72467", "CSCvz74433", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2022-20625", datePublished: "2022-02-23T17:40:15.926880Z", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-11-06T16:29:50.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0303
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:58
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.585Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0303", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:07.087359Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:58:54.149Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0303", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:58:54.149Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0291
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco NX-OS unknown |
Version: Cisco NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.531Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0291", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:37:39.607604Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:02:46.880Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco NX-OS unknown", }, ], }, ], datePublic: "2018-06-20T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0291", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS unknown", version: { version_data: [ { version_value: "Cisco NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0291", datePublished: "2018-06-20T21:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:02:46.880Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3504
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:10
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3504", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:24:18.362716Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:10:32.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-664", description: "CWE-664", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, title: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3504", STATE: "PUBLIC", TITLE: "Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "3.3", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-664", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], }, source: { advisory: "cisco-sa-ucs-cli-dos-GQUxCnTe", defect: [ [ "CSCvr91760", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3504", datePublished: "2020-08-27T15:40:13.292875Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:10:32.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0331
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:57
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS, NX-OS, and UCS Manager unknown |
Version: Cisco FXOS, NX-OS, and UCS Manager unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.780Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0331", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:37:35.507766Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:57:02.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS, NX-OS, and UCS Manager unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS, NX-OS, and UCS Manager unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-399", description: "CWE-399", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0331", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS, NX-OS, and UCS Manager unknown", version: { version_data: [ { version_value: "Cisco FXOS, NX-OS, and UCS Manager unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-399", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0331", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:57:02.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1781
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.734Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1781", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:44.395123Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:46.849Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1781", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1781", datePublished: "2019-05-15T19:45:27.562921Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:46.849Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3172
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3172", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:00.721656Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:15.493Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:40", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3172", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-nxos-cdp", defect: [ [ "CSCux07556", "CSCux58226", "CSCvr31410", "CSCvr37146", "CSCvr37148", "CSCvr37150", "CSCvr37151", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3172", datePublished: "2020-02-26T16:50:40.700230Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:15.493Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3517
Vulnerability from cvelistv5
Published
2020-08-27 15:40
Modified
2024-11-13 18:09
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:37:54.679Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3517", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-13T17:13:07.454503Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-13T18:09:30.343Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-08-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-08-27T15:40:48", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-08-26T16:00:00", ID: "CVE-2020-3517", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.6", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "20200826 Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], }, source: { advisory: "cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", defect: [ [ "CSCvt39630", "CSCvt46835", "CSCvt46837", "CSCvt46838", "CSCvt46839", "CSCvt46877", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3517", datePublished: "2020-08-27T15:40:48.124786Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-13T18:09:30.343Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0298
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 15:00
Severity ?
EPSS score ?
Summary
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS Software and UCS Fabric Interconnect unknown |
Version: Cisco FXOS Software and UCS Fabric Interconnect unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:14.834Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0298", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:43:41.574159Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:00:01.619Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS Software and UCS Fabric Interconnect unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-21T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0298", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS Software and UCS Fabric Interconnect unknown", version: { version_data: [ { version_value: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0298", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:00:01.619Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3171
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.702Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3171", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:59.539855Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:05.029Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:46", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-fxos-ucs-cli-cmdinj", defect: [ [ "CSCvo42634", "CSCvo42654", "CSCvp44202", "CSCvp44232", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3171", STATE: "PUBLIC", TITLE: "Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and UCS Manager Software Local Management CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-ucs-cli-cmdinj", defect: [ [ "CSCvo42634", "CSCvo42654", "CSCvp44202", "CSCvp44232", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3171", datePublished: "2020-02-26T16:50:46.086693Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:05.029Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-1368
Vulnerability from cvelistv5
Published
2021-02-24 19:30
Modified
2024-11-08 23:37
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:11:16.857Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-1368", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-08T20:20:53.434491Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-08T23:37:56.190Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-02-24T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-24T19:30:49", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], source: { advisory: "cisco-sa-nxos-udld-rce-xetH6w35", defect: [ [ "CSCvv78238", "CSCvv96088", "CSCvv96090", "CSCvv96092", "CSCvv96107", "CSCvw38964", "CSCvw38981", "CSCvw38982", "CSCvw38983", "CSCvw38984", "CSCvw38995", "CSCvw45654", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-02-24T16:00:00", ID: "CVE-2021-1368", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "20210224 Cisco FXOS and NX-OS Software Unidirectional Link Detection Denial of Service and Arbitrary Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], }, source: { advisory: "cisco-sa-nxos-udld-rce-xetH6w35", defect: [ [ "CSCvv78238", "CSCvv96088", "CSCvv96090", "CSCvv96092", "CSCvv96107", "CSCvw38964", "CSCvw38981", "CSCvw38982", "CSCvw38983", "CSCvw38984", "CSCvw38995", "CSCvw45654", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-1368", datePublished: "2021-02-24T19:30:49.775173Z", dateReserved: "2020-11-13T00:00:00", dateUpdated: "2024-11-08T23:37:56.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1795
Vulnerability from cvelistv5
Published
2019-05-15 20:15
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108479 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.777Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108479", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1795", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:37.609624Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:05.520Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-28T16:06:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108479", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1795", defect: [ [ "CSCvh20029", "CSCvh20359", "CSCvh66202", "CSCvh66214", "CSCvh66219", "CSCvh66243", "CSCvh66257", "CSCvh66259", "CSCvk30761", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1795", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerability (CVE-2019-1795)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { name: "108479", refsource: "BID", url: "http://www.securityfocus.com/bid/108479", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1795", defect: [ [ "CSCvh20029", "CSCvh20359", "CSCvh66202", "CSCvh66214", "CSCvh66219", "CSCvh66243", "CSCvh66257", "CSCvh66259", "CSCvk30761", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1795", datePublished: "2019-05-15T20:15:17.287630Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:05.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20016
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-25 16:04
Severity ?
EPSS score ?
Summary
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20016", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:36:41.126540Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:04:01.210Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed) ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-321", description: "CWE-321", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230223 Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], source: { advisory: "cisco-sa-ucsm-bkpsky-H8FCQgsA", defect: [ [ "CSCvm53827", "CSCwc01592", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20016", datePublished: "2023-02-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:04:01.210Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1782
Vulnerability from cvelistv5
Published
2019-05-15 19:45
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108407 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.805Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108407", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1782", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:46.135024Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:56.298Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108407", }, ], source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1782", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Command Injection Vulnerabilities (CVE-2019-1781, CVE-2019-1782)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { name: "108407", refsource: "BID", url: "http://www.securityfocus.com/bid/108407", }, ], }, source: { advisory: "cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", defect: [ [ "CSCvh20027", "CSCvh20389", "CSCvi01445", "CSCvi01448", "CSCvi91985", "CSCvi92126", "CSCvi92128", "CSCvi92129", "CSCvi92130", "CSCvi96522", "CSCvi96524", "CSCvi96525", "CSCvi96526", "CSCvi96527", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1782", datePublished: "2019-05-15T19:45:19.350442Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:56.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1735
Vulnerability from cvelistv5
Published
2019-05-15 18:45
Modified
2024-11-21 19:30
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108365 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108365", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1735", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:37.156646Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:30:32.359Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-17T12:06:06", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108365", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1735", defect: [ [ "CSCvj63728", "CSCvj63877", "CSCvk52969", "CSCvk52971", "CSCvk52972", "CSCvk52975", "CSCvk52985", "CSCvk52988", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1735", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.4", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { name: "108365", refsource: "BID", url: "http://www.securityfocus.com/bid/108365", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1735", defect: [ [ "CSCvj63728", "CSCvj63877", "CSCvk52969", "CSCvk52971", "CSCvk52972", "CSCvk52975", "CSCvk52985", "CSCvk52988", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1735", datePublished: "2019-05-15T18:45:28.744805Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:30:32.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1776
Vulnerability from cvelistv5
Published
2019-05-15 19:30
Modified
2024-11-20 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108377 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776", }, { name: "108377", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108377", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1776", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:52.088982Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:21:33.454Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-20T14:06:09", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776", }, { name: "108377", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108377", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1776", defect: [ [ "CSCvh20076", "CSCvh20081", "CSCvi96429", "CSCvi96431", "CSCvi96432", "CSCvi96433", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1776", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776", }, { name: "108377", refsource: "BID", url: "http://www.securityfocus.com/bid/108377", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmdinj-1776", defect: [ [ "CSCvh20076", "CSCvh20081", "CSCvi96429", "CSCvi96431", "CSCvi96432", "CSCvi96433", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1776", datePublished: "2019-05-15T19:30:23.065020Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:21:33.454Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3167
Vulnerability from cvelistv5
Published
2020-02-26 16:51
Modified
2024-11-15 17:37
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3167", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:56.860837Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:37:18.211Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Adaptive Security Appliance (ASA) Software", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:51:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-fxos-ucs-cmdinj", defect: [ [ "CSCvo42628", "CSCvo42636", "CSCvp44264", "CSCvp44281", "CSCvr49734", "CSCvr58699", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3167", STATE: "PUBLIC", TITLE: "Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Adaptive Security Appliance (ASA) Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco FXOS and UCS Manager Software CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-fxos-ucs-cmdinj", defect: [ [ "CSCvo42628", "CSCvo42636", "CSCvp44264", "CSCvp44281", "CSCvr49734", "CSCvr58699", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3167", datePublished: "2020-02-26T16:51:05.960558Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:37:18.211Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10136
Vulnerability from cvelistv5
Published
2020-06-02 08:35
Modified
2024-09-17 00:56
Severity ?
EPSS score ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IETF | RFC2003 - IP Encapsulation within IP |
Version: STD 1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:50:57.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#636397", tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/636397/", }, { tags: [ "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { tags: [ "x_transferred", ], url: "https://www.digi.com/resources/security", }, { name: "VU#636397", tags: [ "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/636397", }, { name: "Security Concerns with IP Tunneling", tags: [ "x_transferred", ], url: "https://datatracker.ietf.org/doc/html/rfc6169", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "RFC2003 - IP Encapsulation within IP", vendor: "IETF", versions: [ { status: "affected", version: "STD 1", }, ], }, ], credits: [ { lang: "en", value: "Thanks to Yannay Livneh for reporting this issue.", }, ], datePublic: "2020-06-01T00:00:00", descriptions: [ { lang: "en", value: "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-290", description: "CWE-290 Authentication Bypass by Spoofing", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-17T21:10:04.191Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "VU#636397", url: "https://kb.cert.org/vuls/id/636397/", }, { url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { url: "https://www.digi.com/resources/security", }, { name: "VU#636397", url: "https://www.kb.cert.org/vuls/id/636397", }, { name: "Security Concerns with IP Tunneling", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, ], solutions: [ { lang: "en", value: "Customers should apply the latest patch provided by the affected vendor that addresses this issue and prevents unspecified IP-in-IP packets from being processed. Devices manufacturers are urged to disable IP-in-IP in their default configuration and require their customers to explicitly configure IP-in-IP as and when needed.", }, ], source: { discovery: "EXTERNAL", }, title: "IP-in-IP protocol allows a remote, unauthenticated attacker to route arbitrary network traffic", workarounds: [ { lang: "en", value: "Users can block IP-in-IP packets by filtering IP protocol number 4. Note this filtering is for the IPv4 Protocol (or IPv6 Next Header) field value of 4 and not IP protocol version 4 (IPv4).", }, ], x_generator: { engine: "cveClient/1.0.15", }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2020-10136", datePublished: "2020-06-02T08:35:12.921954Z", dateReserved: "2020-03-05T00:00:00", dateUpdated: "2024-09-17T00:56:11.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0294
Vulnerability from cvelistv5
Published
2018-06-20 21:00
Modified
2024-11-29 15:02
Severity ?
EPSS score ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1041169 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS and NX-OS unknown |
Version: Cisco FXOS and NX-OS unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.277Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041169", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0294", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:14.413008Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T15:02:18.535Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS and NX-OS unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS and NX-OS unknown", }, ], }, ], datePublic: "2018-06-20T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-23T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041169", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0294", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS and NX-OS unknown", version: { version_data: [ { version_value: "Cisco FXOS and NX-OS unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { name: "1041169", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041169", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0294", datePublished: "2018-06-20T21:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T15:02:18.535Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1728
Vulnerability from cvelistv5
Published
2019-05-15 16:45
Modified
2024-11-20 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108391 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.538Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108391", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1728", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:55:04.067211Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:22:35.424Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T12:06:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108391", }, ], source: { advisory: "cisco-sa-20190515-nxos-conf-bypass", defect: [ [ "CSCvh20223", "CSCvi96577", "CSCvi96578", "CSCvi96579", "CSCvi96580", "CSCvi96583", "CSCvi96584", ], ], discovery: "INTERNAL", }, title: "Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1728", STATE: "PUBLIC", TITLE: "Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco FXOS and NX-OS Software Secure Configuration Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { name: "108391", refsource: "BID", url: "http://www.securityfocus.com/bid/108391", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-conf-bypass", defect: [ [ "CSCvh20223", "CSCvi96577", "CSCvi96578", "CSCvi96579", "CSCvi96580", "CSCvi96583", "CSCvi96584", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1728", datePublished: "2019-05-15T16:45:23.499873Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:22:35.424Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1784
Vulnerability from cvelistv5
Published
2019-05-15 20:05
Modified
2024-11-20 17:20
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108369 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.848Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784", }, { name: "108369", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108369", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1784", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:40.787544Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:20:22.812Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-17T12:06:06", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784", }, { name: "108369", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108369", }, ], source: { advisory: "cisco-sa-20190515-nxos-cmd-inject-1784", defect: [ [ "CSCvi42292", "CSCvj12273", "CSCvj12274", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1784", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.7", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784)", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784", }, { name: "108369", refsource: "BID", url: "http://www.securityfocus.com/bid/108369", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cmd-inject-1784", defect: [ [ "CSCvi42292", "CSCvj12273", "CSCvj12274", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1784", datePublished: "2019-05-15T20:05:21.750001Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:20:22.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1809
Vulnerability from cvelistv5
Published
2019-05-15 22:15
Modified
2024-11-20 17:19
Severity ?
EPSS score ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108375 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 8.3(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.815Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb", }, { name: "108375", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108375", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1809", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T16:54:32.981622Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T17:19:35.902Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "8.3(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-347", description: "CWE-347", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-20T14:06:08", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb", }, { name: "108375", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108375", }, ], source: { advisory: "cisco-sa-20190515-nxos-psvb", defect: [ [ "CSCvi42264", "CSCvj12239", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1809", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "8.3(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.4", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-347", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software Patch Signature Verification Bypass Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb", }, { name: "108375", refsource: "BID", url: "http://www.securityfocus.com/bid/108375", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-psvb", defect: [ [ "CSCvi42264", "CSCvj12239", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1809", datePublished: "2019-05-15T22:15:23.669524Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-20T17:19:35.902Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1726
Vulnerability from cvelistv5
Published
2019-05-15 16:40
Modified
2024-11-21 19:31
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/108409 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Version: unspecified < 6.2(25) Version: unspecified < 8.3(2) Version: unspecified < 7.0(3)I7(3) Version: unspecified < 9.2(1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:42.237Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20190515 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass", }, { name: "108409", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108409", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1726", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:58:44.236098Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:31:38.707Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco NX-OS Software", vendor: "Cisco", versions: [ { lessThan: "6.2(25)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "8.3(2)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "7.0(3)I7(3)", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "9.2(1)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-05-15T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T13:06:04", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20190515 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass", }, { name: "108409", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108409", }, ], source: { advisory: "cisco-sa-20190515-nxos-cli-bypass", defect: [ [ "CSCvh24771", "CSCvi99247", "CSCvi99248", "CSCvi99250", "CSCvi99251", "CSCvi99252", "CSCvn11851", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-05-15T16:00:00-0700", ID: "CVE-2019-1726", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco NX-OS Software", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "6.2(25)", }, { affected: "<", version_affected: "<", version_value: "8.3(2)", }, { affected: "<", version_affected: "<", version_value: "7.0(3)I7(3)", }, { affected: "<", version_affected: "<", version_value: "9.2(1)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20190515 Cisco NX-OS Software CLI Bypass to Internal Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass", }, { name: "108409", refsource: "BID", url: "http://www.securityfocus.com/bid/108409", }, ], }, source: { advisory: "cisco-sa-20190515-nxos-cli-bypass", defect: [ [ "CSCvh24771", "CSCvi99247", "CSCvi99248", "CSCvi99250", "CSCvi99251", "CSCvi99252", "CSCvn11851", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1726", datePublished: "2019-05-15T16:40:17.248159Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:31:38.707Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34714
Vulnerability from cvelistv5
Published
2021-09-23 02:25
Modified
2024-11-07 21:59
Severity ?
EPSS score ?
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ | vendor-advisory, x_refsource_CISCO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:19:48.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-34714", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:40:36.961651Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T21:59:09.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco IOS", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-09-22T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-23T02:25:58", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, title: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-09-22T16:00:00", ID: "CVE-2021-34714", STATE: "PUBLIC", TITLE: "Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco IOS", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.4", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20210922 Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], }, source: { advisory: "cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", defect: [ [ "CSCvw22670", "CSCvw26126", "CSCvw26127", "CSCvw26129", "CSCvw26130", "CSCvw26152", "CSCvw46194", "CSCvw46239", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-34714", datePublished: "2021-09-23T02:25:58.322621Z", dateReserved: "2021-06-15T00:00:00", dateUpdated: "2024-11-07T21:59:09.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3119
Vulnerability from cvelistv5
Published
2020-02-05 17:45
Modified
2024-11-15 17:42
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce | vendor-advisory, x_refsource_CISCO | |
| http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < 9.3(2) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3119", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:08.322696Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:42:33.555Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "9.3(2)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-05T18:06:05", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], source: { advisory: "cisco-sa-20200205-nxos-cdp-rce", defect: [ [ "CSCvr09175", "CSCvr09531", "CSCvr09539", "CSCvr09544", "CSCvr09555", ], ], discovery: "INTERNAL", }, title: "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-05T16:00:00-0800", ID: "CVE-2020-3119", STATE: "PUBLIC", TITLE: "Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "9.3(2)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "8.8", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "20200205 Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, ], }, source: { advisory: "cisco-sa-20200205-nxos-cdp-rce", defect: [ [ "CSCvr09175", "CSCvr09531", "CSCvr09539", "CSCvr09544", "CSCvr09555", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3119", datePublished: "2020-02-05T17:45:15.813799Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:42:33.555Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3173
Vulnerability from cvelistv5
Published
2020-02-26 16:50
Modified
2024-11-15 17:38
Severity ?
EPSS score ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: unspecified < n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:24:00.704Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200226 Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3173", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:25:02.102838Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:38:26.014Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed)", vendor: "Cisco", versions: [ { lessThan: "n/a", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2020-02-26T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-26T16:50:35", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200226 Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj", }, ], source: { advisory: "cisco-sa-20200226-ucs-cli-cmdinj", defect: [ [ "CSCvq57926", ], ], discovery: "INTERNAL", }, title: "Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-02-26T16:00:00-0800", ID: "CVE-2020-3173", STATE: "PUBLIC", TITLE: "Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Unified Computing System (Managed)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "7.8", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "20200226 Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj", }, ], }, source: { advisory: "cisco-sa-20200226-ucs-cli-cmdinj", defect: [ [ "CSCvq57926", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3173", datePublished: "2020-02-26T16:50:36.058155Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:38:26.014Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1690
Vulnerability from cvelistv5
Published
2019-03-11 22:00
Modified
2024-11-21 19:42
Severity ?
EPSS score ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/107317 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Version: unspecified < 4.2(0.21c) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T18:28:41.061Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-1690", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-21T18:59:59.996279Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-21T19:42:40.791Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Application Policy Infrastructure Controller (APIC)", vendor: "Cisco", versions: [ { lessThan: "4.2(0.21c)", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2019-03-06T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-12T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "107317", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, title: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2019-03-06T16:00:00-0800", ID: "CVE-2019-1690", STATE: "PUBLIC", TITLE: "Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Application Policy Infrastructure Controller (APIC)", version: { version_data: [ { affected: "<", version_affected: "<", version_value: "4.2(0.21c)", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "4.3", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284", }, ], }, ], }, references: { reference_data: [ { name: "107317", refsource: "BID", url: "http://www.securityfocus.com/bid/107317", }, { name: "20190306 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], }, source: { advisory: "cisco-sa-20190306-apic-ipv6", defect: [ [ "CSCvn09855", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2019-1690", datePublished: "2019-03-11T22:00:00Z", dateReserved: "2018-12-06T00:00:00", dateUpdated: "2024-11-21T19:42:40.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20015
Vulnerability from cvelistv5
Published
2023-02-23 00:00
Modified
2024-10-28 16:33
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Computing System (Managed) |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230223 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20015", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:24.685336Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:33:53.572Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Unified Computing System (Managed) ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-02-23T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230223 Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], source: { advisory: "cisco-sa-nxfp-cmdinj-XXBZjtR", defect: [ [ "CSCwc52151", "CSCwd11206", "CSCwd11228", ], ], discovery: "INTERNAL", }, title: "Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20015", datePublished: "2023-02-23T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-28T16:33:53.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-0302
Vulnerability from cvelistv5
Published
2018-06-21 11:00
Modified
2024-11-29 14:59
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco FXOS Software and UCS Fabric Interconnect unknown |
Version: Cisco FXOS Software and UCS Fabric Interconnect unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:21:15.577Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-0302", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-29T14:42:08.635541Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-29T14:59:13.685Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco FXOS Software and UCS Fabric Interconnect unknown", vendor: "n/a", versions: [ { status: "affected", version: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, ], datePublic: "2018-06-21T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-21T10:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2018-0302", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco FXOS Software and UCS Fabric Interconnect unknown", version: { version_data: [ { version_value: "Cisco FXOS Software and UCS Fabric Interconnect unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2018-0302", datePublished: "2018-06-21T11:00:00", dateReserved: "2017-11-27T00:00:00", dateUpdated: "2024-11-29T14:59:13.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108377 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108377 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B3AF4670-21BF-443C-94F2-230E254862F4", versionEndExcluding: "8.2\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1865052B-3A59-4996-A1B0-0FA8B19F5949", versionEndExcluding: "7.3\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1865052B-3A59-4996-A1B0-0FA8B19F5949", versionEndExcluding: "7.3\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D5CF3A40-A695-4722-A557-8A2C1AD831B6", versionEndExcluding: "7.3\\(5\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CEE30512-6FAD-4FDD-905B-2D33FE28991D", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C4884A9-CA4B-434C-99F3-2105281B1905", versionEndExcluding: "8.2\\(2\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del programa Cisco NX-OS podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con un nivel de privilegio de raíz. La vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a un comando CLI específico en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotación exitosa podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios elevados. Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1776", lastModified: "2024-11-21T04:37:21.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.197", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108377", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108377", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1776", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B10C9143-9E1F-4DA3-924B-68D48B4F2D37", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "AE03EB05-946B-4DCA-82F9-1A3C05AA069A", versionEndExcluding: "3.2\\(b\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podría permitir que un atacante remoto no autenticado cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los paquetes Cisco Fabric Services cuando el software procesa datos del paquete. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services maliciosamente manipulado a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante provoque un desbordamiento de búfer en el dispositivo que podría provocar cierres inesperados de procesos y resultar en una condición de denegación de servicio (DoS). La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69960, CSCve02463, CSCve04859, CSCve41530, CSCve41537, CSCve41541, CSCve41557.", }, ], id: "CVE-2018-0311", lastModified: "2024-11-21T03:37:57.213", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.663", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-services-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "669EB726-B1E5-47BF-98D4-73ABDB676115", versionEndExcluding: "6.2.3.13", versionStartIncluding: "6.2.2", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "FBAB5FF7-1E8C-4145-A081-5916B9EB9731", versionEndExcluding: "6.4.0.8", versionStartIncluding: "6.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "931501EE-560C-49AD-805D-3008159E0A94", versionEndExcluding: "6.5.0.2", versionStartIncluding: "6.5.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "A222901B-A007-419D-9A0A-D5420EC57083", versionEndExcluding: "9.9.2.66", versionStartIncluding: "9.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "AACB9A82-A1DF-4012-A5E1-D9C692721273", versionEndExcluding: "9.12.3.6", versionStartIncluding: "9.10", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", matchCriteriaId: "6F67B6AE-8757-428F-8894-A11A6553E7A2", versionEndExcluding: "9.13.1.5", versionStartIncluding: "9.13", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "082378DA-87C5-4779-8DE1-32B16879C20A", versionEndExcluding: "2.4.1.234", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS). The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de Cisco FXOS Software y Cisco UCS Manager Software, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados en comandos específicos. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados son ejecutados con privilegios root.", }, ], id: "CVE-2020-3167", lastModified: "2024-11-21T05:30:28.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:12.843", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108409 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108409 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nexus_3100 | - | |
| cisco | nexus_3100-z | - | |
| cisco | nexus_3100v | - | |
| cisco | nexus_3200 | - | |
| cisco | nexus_3400 | - | |
| cisco | nexus_3500 | - | |
| cisco | nexus_3600 | - | |
| cisco | nexus_9000 | - | |
| cisco | nexus_9200 | - | |
| cisco | nexus_9300 | - | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nx-os | * | |
| cisco | nexus_5500 | - | |
| cisco | nexus_5600 | - | |
| cisco | nexus_6000 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D857756F-8C20-4B59-BA89-8373954B0093", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "521D7202-7B57-49C1-BFC5-6829B96428BA", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "114F8E8A-31E1-4865-B1AA-07E51D10CF90", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "27F8E672-D0C7-47CD-9FBA-FCDF3C89A2E9", versionEndExcluding: "4.0\\(1d\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An attacker could exploit this vulnerability by including malicious input as the argument to the affected command. A successful exploit could allow the attacker to bypass intended restrictions and access internal services of the device. An attacker would need valid device credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del programa NX-OS de Cisco, podría permitir a un atacante local autenticado ingresar a servicios internos que deberían estar restringidos en un dispositivo afectado, como la API NX. La vulnerabilidad se debe a una comprobación insuficiente de los argumentos pasados ??a un ciertos comando CLI. Un atacante podría explotar esta vulnerabilidad si inserta una entrada maliciosa como argumento para el comando afectado. Una explotación exitosa podría permitir al atacante omitir las restricciones previstas y acceder a los servicios internos del dispositivo. Un atacante requeriría credenciales de dispositivo válidas para atacar esta vulnerabilidad.", }, ], id: "CVE-2019-1726", lastModified: "2024-11-21T04:37:11.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T17:29:01.467", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108409", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108409", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cli-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "834E1736-9E8D-476A-ADA9-EB81BEB8DC6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*", matchCriteriaId: "0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF884E9-68AA-44F7-A551-F7D7DF2378DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "085034AF-4825-4E06-BCBD-6F0D80959A26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2BD99394-5B1B-49FB-9085-3D92E4DBF1A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0AE37430-9711-443E-BF69-CAAEDD2A0E45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E325ADE-5098-4C1B-82FB-CB04DDB68A2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "192B4BF0-A6E4-4241-8E30-48CAE65203F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63D87F40-279D-46BD-9A1E-B980E9DDD24D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "148B3732-6F6C-4865-8FCC-A215883BEEC9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "694A529B-AC10-4DEE-9858-E068DA02B602", versionEndExcluding: "4.0\\(4o\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "DCC75B2F-216C-4653-9DFB-D387A1BEABDE", versionEndExcluding: "4.1\\(3k\\)", versionStartIncluding: "4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "409A003C-6F89-45D6-9951-4CE56E9F4BA8", versionEndExcluding: "4.2\\(2d\\)", versionStartIncluding: "4.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "027A27D8-DD06-420A-BCDC-553641F5CC83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "CDB194AF-51E8-4379-B416-34049BF03754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute unauthorized commands within the CLI. An attacker with Administrator privileges could also execute arbitrary commands on the underlying operating system of Cisco UCS 6400 and 6500 Series Fabric Interconnects with root-level privileges.", }, ], id: "CVE-2023-20015", lastModified: "2024-11-21T07:40:20.853", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:13.333", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108479 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "8F9D7D11-A8C6-4AAD-97DA-C5E5F9681F09", versionEndExcluding: "8.2\\(3\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "458C07FB-06EE-4081-8B4C-D16962FF9035", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4692FD8-8B7E-4418-A6E2-51A34117FFCD", versionEndExcluding: "7.3\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F809C85E-BC8C-4650-B7C9-7A15315AE2BD", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4692FD8-8B7E-4418-A6E2-51A34117FFCD", versionEndExcluding: "7.3\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "19B38FA2-5F5C-45D3-9F03-1020AD03C0C7", versionEndExcluding: "3.2\\(3a\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4E21FF51-A716-40AE-A9F3-BBAC2CF3A87D", versionEndExcluding: "4.0\\(1a\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "4356AAFD-C447-485B-8F9C-281A076C4BE4", versionEndExcluding: "2.0.1.201", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "4C3732BD-8732-4EE4-B915-92A040A6795B", versionEndExcluding: "2.2.2.54", versionStartIncluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "8D256B7B-1043-4D2B-9E2F-AA25637B29D6", versionEndExcluding: "2.3.1.73", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "FF89AAA7-02D6-486A-9AF6-8977E756115D", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_modules:-:*:*:*:*:*:*:*", matchCriteriaId: "5036DB7B-137C-413E-B328-8E7E5A84D5D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DDF06979-4813-49A4-920D-D3B280B2456C", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0E9D6862-7F78-47D2-B273-8EE4EAE216F5", versionEndExcluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1795", lastModified: "2024-11-21T04:37:23.847", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T21:29:03.367", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108479", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108479", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1795", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D75479AD-9847-497C-9438-AA82D91B6F71", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B6004E45-878B-4034-AD67-8D2CCB01E9B6", versionEndExcluding: "8.1\\(2\\)", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "93C9AFED-1347-4B0E-B031-AF5EA891B9BD", versionEndExcluding: "7.0\\(3\\)i3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "15C899EF-A64F-4FD8-851C-1D4E2929BAF4", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "93C9AFED-1347-4B0E-B031-AF5EA891B9BD", versionEndExcluding: "7.0\\(3\\)i3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "15C899EF-A64F-4FD8-851C-1D4E2929BAF4", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D75479AD-9847-497C-9438-AA82D91B6F71", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*", matchCriteriaId: "02DD5791-E4D3-475C-84B0-E642ACFC5EB6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EEB1EB12-3456-4001-9CF0-D9E25CCD3A54", versionEndExcluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "129FB11D-7F37-4951-A3D2-9C12F74F5583", versionEndExcluding: "3.2\\(2b\\)", versionStartIncluding: "2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.", }, { lang: "es", value: "Una vulnerabilidad en el procesador de paquetes entrantes SNMP (Simple Network Management Protocol) del software Cisco NX-OS podría permitir que la aplicación SNMP se reinicie inesperadamente en un dispositivo afectado. La vulnerabilidad se debe a la validación incorrecta de unidades de datos del protocolo SNMP (PDU) en los paquetes SNMP. Un atacante podría explotar esta vulnerabilidad enviando un paquete SNMP manipulado a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante provoque que la aplicación SNMP se reinicie varias veces, lo que conduce a un reinicio a nivel de sistema y a una condición de denegación de servicio (DoS). La vulnerabilidad afecta a Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCuw99630, CSCvg71290, CSCvj67977.", }, ], id: "CVE-2018-0291", lastModified: "2024-11-21T03:37:54.503", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-20T21:29:00.217", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxossnmp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "6793CE39-88B6-42DF-A586-43BC656F00DD", versionEndIncluding: "2.3.1.173", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3", versionEndExcluding: "2.6.1.187", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*", matchCriteriaId: "35E2BDED-6263-4948-89A3-5D867D52BD48", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*", matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*", matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*", matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*", matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*", matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*", matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*", matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*", matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*", matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*", matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*", matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*", matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*", matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*", matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*", matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "D5494B4B-0BB4-48AE-8B0D-04DE649F9313", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "B3A0C835-6C98-4AB6-89FF-C27117BB6B12", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "395F25CD-FDF5-48D7-A048-A6B4F4779EC9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "124CE49C-1C2B-40A5-8F59-7A223766E12F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*", matchCriteriaId: "A83F3D33-0674-4F74-AEA9-BC824D8536F5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*", matchCriteriaId: "784A450D-8DCA-43E5-8044-A9F2363FB006", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*", matchCriteriaId: "92E88ED4-C2AF-407C-A395-3D7806D68758", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*", matchCriteriaId: "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*", matchCriteriaId: "871D84C5-71EE-4B82-A48C-A1CC68DA332A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*", matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*", matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*", matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*", matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*", matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*", matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*", matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*", matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*", matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*", matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "55812D67-23B2-4EE1-8DEF-B1386551D825", versionEndExcluding: "6.2\\(29\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2516465F-34B9-4E24-B65B-3952DAEF25FD", versionEndExcluding: "8.4\\(1a\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "33FD38EF-3B47-4739-BF0B-FC50D8520DBC", versionEndExcluding: "5.2\\(1\\)sv5\\(1.3\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E", versionEndIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2FE8F16B-D59C-43C7-BECA-3D62B609AB94", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1b\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C", versionEndExcluding: "9.3\\(2\\)", versionStartIncluding: "7.0\\(3\\)f2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2", versionEndExcluding: "7.0\\(3\\)i7\\(8\\)", versionStartIncluding: "7.0\\(3\\)i", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "80E4C5F7-050A-40D8-B087-5F7597B97EEA", versionEndExcluding: "7.3\\(6\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B7D74A33-E46C-4A26-AEFF-A9064415F89E", versionEndExcluding: "6.2\\(24\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DA088812-07C5-47BF-9CB1-66D2E4E6D27C", versionEndExcluding: "7.3\\(5\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A8934F95-3C91-4499-ACA3-8C22DA785ED5", versionEndExcluding: "8.2\\(5\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "66360174-9C40-4147-A94C-8007021C55A5", versionEndExcluding: "8.4\\(2\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "97BA8B03-822E-4544-89A0-23608D635DA7", versionEndExcluding: "13.2\\(9b\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE", versionEndExcluding: "14.2\\(1j\\)", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E", versionEndExcluding: "3.2\\(3m\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una falta de comprobación cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).", }, ], id: "CVE-2020-3120", lastModified: "2024-11-21T05:30:22.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-05T18:15:11.063", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 17:29
Modified
2024-11-21 04:37
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | mds_9000 | - | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nx-os | * | |
| cisco | nexus_3000 | - | |
| cisco | nexus_3100 | - | |
| cisco | nexus_3100-z | - | |
| cisco | nexus_3100v | - | |
| cisco | nexus_3200 | - | |
| cisco | nexus_3400 | - | |
| cisco | nexus_3500 | - | |
| cisco | nexus_3600 | - | |
| cisco | nexus_9000 | - | |
| cisco | nexus_9200 | - | |
| cisco | nexus_9300 | - | |
| cisco | nexus_9500 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nx-os | * | |
| cisco | nexus_5500 | - | |
| cisco | nexus_5600 | - | |
| cisco | nexus_6000 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6332 | - | |
| cisco | usc_6324 | - | |
| cisco | usc_6332-16up | - | |
| cisco | nx-os | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "0AF827BB-FFDE-4D1E-A727-A8D7480001A5", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "8.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D857756F-8C20-4B59-BA89-8373954B0093", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "6ED6E713-DCC5-41A7-94AC-CFF52EBBCBD7", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", versionStartIncluding: "6.0\\(2\\)a8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "521D7202-7B57-49C1-BFC5-6829B96428BA", versionEndExcluding: "7.0\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8", versionEndExcluding: "6.2\\(22\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4E21FF51-A716-40AE-A9F3-BBAC2CF3A87D", versionEndExcluding: "4.0\\(1a\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:usc_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "1B73C2C0-6464-44A3-840C-7FBB500B4CA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:usc_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "9E5F3B75-A48C-43E2-8E69-3747BB50A263", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "ACCCFBCD-6C8D-425B-B597-5D1E5EF125FC", versionEndExcluding: "2.4.1.101", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Secure Configuration Validation functionality of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to run arbitrary commands at system boot time with the privileges of root. The vulnerability is due to a lack of proper validation of system files when the persistent configuration information is read from the file system. An attacker could exploit this vulnerability by authenticating to the device and overwriting the persistent configuration storage with malicious executable files. An exploit could allow the attacker to run arbitrary commands at system startup and those commands will run as the root user. The attacker must have valid administrative credentials for the device.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Secure Configuration Validation de los programas FXOS y NX-OS de Cisco podría permitir que un atacante local autentificado, ejecute comandos arbitrarios en el momento del inicio del sistema con los privilegios de tipo root. La vulnerabilidad es debido a la falta de comprobación adecuada de los archivos del sistema cuando es leida la información de configuración que persiste en el sistema de archivos. Un atacante podría explotar esta vulnerabilidad al identificarse en el dispositivo y sobrescribir el la memoria de configuración persistente con archivos ejecutables maliciosos. Una explotación podría permitir al atacante ejecutar comandos arbitrarios al inicio del sistema y esos comandos se ejecutarán como usuario de root. El atacante deber contar con credenciales administrativas válidas para el dispositivo.", }, ], id: "CVE-2019-1728", lastModified: "2024-11-21T04:37:11.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T17:29:01.593", references: [ { source: "psirt@cisco.com", url: "http://www.securityfocus.com/bid/108391", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/108391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-conf-bypass", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "D19586BF-E7B0-4805-82C9-301648FC237F", versionEndExcluding: "2.6.1.187", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91", versionEndExcluding: "2.7.1.106", versionStartIncluding: "2.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F", versionEndExcluding: "4.0\\(4g\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:hyper-v:*:*", matchCriteriaId: "8CA8CB21-FCD6-43B6-A1F5-904A08351887", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "B8D38023-2A8F-4A26-AC91-9F76A248872D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.140\\):*:*:*:*:*:*:*", matchCriteriaId: "6AB0B748-003C-471F-A911-9DD3079FA250", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(0.146\\):*:*:*:*:*:*:*", matchCriteriaId: "8ED46E9E-2851-4154-9862-E24EDB58AA9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(0.191\\):*:*:*:*:*:*:*", matchCriteriaId: "306FA9EB-4D35-456D-9EE3-DA1701E431CC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:13.2\\(7.230\\):*:*:*:*:*:*:*", matchCriteriaId: "F92C2920-1313-4141-B460-7FE50D092D01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:14.2\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "D8BA2854-BE27-45F8-AF6E-CF6C474CF15B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on an affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2-adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Note: This vulnerability is different from the following Cisco FXOS and NX-OS Software Cisco Discovery Protocol vulnerabilities that Cisco announced on Feb. 5, 2020: Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Cisco Discovery Protocol de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario como root o causar una condición de denegación de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad se presenta debido a encabezados de paquetes de Cisco Discovery Protocol comprobados insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete de Cisco Discovery Protocol diseñado para un dispositivo afectado adyacente de Capa 2. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer que podría permitirle ejecutar código arbitrario como root o causar una condición de DoS sobre el dispositivo afectado. Nota: Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe estar en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente). Nota: Esta vulnerabilidad es diferente de las siguientes vulnerabilidades de Cisco Discovery Protocol de Cisco FXOS and NX-OS Software que Cisco anunció el 5 de febrero de 2020: Vulnerabilidad de Denegación de Servicio de Cisco Discovery Protocol de Cisco FXOS, IOS XR y NX-OS Software y Vulnerabilidad de Ejecución de Código Remota de Cisco Discovery Protocol de Cisco NX-OS Software.", }, ], id: "CVE-2020-3172", lastModified: "2024-11-21T05:30:28.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.343", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-nxos-cdp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-24 20:15
Modified
2024-11-21 05:44
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(3.108\\):*:*:*:*:*:*:*", matchCriteriaId: "1300F966-42F4-4F29-86C6-A11038B17D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(3.117\\):*:*:*:*:*:*:*", matchCriteriaId: "D6A2FFB0-D207-4682-AF8E-EE65812FE889", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "4C1BC928-7DB9-499A-8CF4-90C98218E9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "2A2F42DB-B22B-4880-BA73-D0E0295190DF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0E8D1718-F6B6-4AF6-86EE-0DFF5C6F5AEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(9\\)n1\\(0.823\\):*:*:*:*:*:*:*", matchCriteriaId: "2C25D897-0A4D-4FE8-864A-668CDC229CE1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9EF9A844-F4E9-4EBD-A704-CE55BCC7A636", versionEndExcluding: "4.0\\(4i\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:unified_computing_system:*:*:*:*:*:*:*:*", matchCriteriaId: "3721CBFD-3C90-4454-ACB0-57658D848DAE", versionEndExcluding: "4.1\\(2c\\)", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:r231:*:*:*:*:*:*:*", matchCriteriaId: "EC52EFF8-C5A8-4530-B3F5-03BCC023D6AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted Cisco UDLD protocol packets to a directly connected, affected device. A successful exploit could allow the attacker to execute arbitrary code with administrative privileges or cause the Cisco UDLD process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. The attacker needs full control of a directly connected device. That device must be connected over a port channel that has UDLD enabled. To trigger arbitrary code execution, both the UDLD-enabled port channel and specific system conditions must exist. In the absence of either the UDLD-enabled port channel or the system conditions, attempts to exploit this vulnerability will result in a DoS condition. It is possible, but highly unlikely, that an attacker could control the necessary conditions for exploitation. The CVSS score reflects this possibility. However, given the complexity of exploitation, Cisco has assigned a Medium Security Impact Rating (SIR) to this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) del Software Cisco FXOS y el Software Cisco NX-OS, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario con privilegios administrativos o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes de protocolo Cisco UDLD diseñados a un dispositivo afectado directamente conectado. Una explotación con éxito podría permitir al atacante ejecutar código arbitrario con privilegios administrativos o hacer que el proceso de UDLD de Cisco se bloquee y se reinicie varias veces, causando que el dispositivo afectado se recargue y resulte en una condición de DoS. Nota: La función UDLD está deshabilitada por defecto y las condiciones para explotar esta vulnerabilidad son estrictas. El atacante necesita el control total de un dispositivo conectado directamente. Ese dispositivo debe estar conectado a través de un canal de puerto que tenga UDLD habilitado. Para activar la ejecución de código arbitraria, deben existir tanto el canal de puerto habilitado para UDLD como las condiciones específicas del sistema. En ausencia del canal de puerto habilitado para UDLD o de las condiciones del sistema, los intentos de explotar esta vulnerabilidad resultarán en una condición de DoS. Es posible, pero muy poco probable, que un atacante pueda controlar las condiciones necesarias para la explotación. La puntuación CVSS refleja esta posibilidad. Sin embargo, dada la complejidad de la explotación, Cisco ha asignado una calificación de impacto de seguridad media (SIR) a esta vulnerabilidad", }, ], id: "CVE-2021-1368", lastModified: "2024-11-21T05:44:11.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4.9, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:M/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.4, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-24T20:15:13.473", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-udld-rce-xetH6w35", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@cisco.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96B9E0CF-5926-4DDB-9298-BADDD33B66D0", versionEndExcluding: "3.1\\(3a\\)a", versionStartIncluding: "3.0\\(2\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz web de Cisco FXOS y Cisco UCS Fabric Interconnect Software podría permitir que un atacante remoto sin autenticar provoque un desbordamiento de búfer en un sistema afectado. Esta vulnerabilidad se debe a la incompleta validación de entradas en la interfaz web. Un atacante podría explotar esta vulnerabilidad enviando un paquete HTTP o HTTPS directamente a la interfaz de gestión física de un sistema afectado. Su explotación con éxito podría permitir que el atacante haga que el proceso se cierre inesperadamente y, posiblemente, que se reinicie el dispositivo, provocando una denegación de servicio (DoS) en el sistema afectado. esta vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.", }, ], id: "CVE-2018-0298", lastModified: "2024-11-21T03:37:55.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.240", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-02 09:15
Modified
2024-11-21 04:54
Severity ?
Summary
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 5.2\(1\)sk3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.1a\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2\) | |
| cisco | nx-os | 5.2\(1\)sk3\(2.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.1\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2a\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2b\) | |
| cisco | nx-os | 5.2\(1\)sm1\(5.2c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1a\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1b\) | |
| cisco | nx-os | 5.2\(1\)sm3\(1.1c\) | |
| cisco | nx-os | 5.2\(1\)sm3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.4b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.5b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.6\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.10\) | |
| cisco | nx-os | 5.2\(1\)sv3\(1.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.5\) | |
| cisco | nx-os | 5.2\(1\)sv3\(2.8\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(3.15\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1a\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv3\(4.1b\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.1\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.2\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nx-os | 5.2\(1\)sv5\(1.3\) | |
| cisco | nexus_1000v | - | |
| cisco | nexus_1000ve | - | |
| cisco | nx-os | 5.0\(3\)a1\(1\) | |
| cisco | nx-os | 5.0\(3\)a1\(2\) | |
| cisco | nx-os | 5.0\(3\)a1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1\) | |
| cisco | nx-os | 5.0\(3\)u1\(1a\) | |
| cisco | nx-os | 5.0\(3\)u1\(1b\) | |
| cisco | nx-os | 5.0\(3\)u1\(1c\) | |
| cisco | nx-os | 5.0\(3\)u1\(1d\) | |
| cisco | nx-os | 5.0\(3\)u1\(2\) | |
| cisco | nx-os | 5.0\(3\)u1\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(1\) | |
| cisco | nx-os | 5.0\(3\)u2\(2\) | |
| cisco | nx-os | 5.0\(3\)u2\(2a\) | |
| cisco | nx-os | 5.0\(3\)u2\(2b\) | |
| cisco | nx-os | 5.0\(3\)u2\(2c\) | |
| cisco | nx-os | 5.0\(3\)u2\(2d\) | |
| cisco | nx-os | 5.0\(3\)u3\(1\) | |
| cisco | nx-os | 5.0\(3\)u3\(2\) | |
| cisco | nx-os | 5.0\(3\)u3\(2a\) | |
| cisco | nx-os | 5.0\(3\)u3\(2b\) | |
| cisco | nx-os | 5.0\(3\)u4\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1\) | |
| cisco | nx-os | 5.0\(3\)u5\(1a\) | |
| cisco | nx-os | 5.0\(3\)u5\(1b\) | |
| cisco | nx-os | 5.0\(3\)u5\(1c\) | |
| cisco | nx-os | 5.0\(3\)u5\(1d\) | |
| cisco | nx-os | 5.0\(3\)u5\(1e\) | |
| cisco | nx-os | 5.0\(3\)u5\(1f\) | |
| cisco | nx-os | 5.0\(3\)u5\(1g\) | |
| cisco | nx-os | 5.0\(3\)u5\(1h\) | |
| cisco | nx-os | 5.0\(3\)u5\(1i\) | |
| cisco | nx-os | 5.0\(3\)u5\(1j\) | |
| cisco | nx-os | 6.0\(2\)a1\(1\) | |
| cisco | nx-os | 6.0\(2\)a1\(1a\) | |
| cisco | nx-os | 6.0\(2\)a1\(1b\) | |
| cisco | nx-os | 6.0\(2\)a1\(1c\) | |
| cisco | nx-os | 6.0\(2\)a1\(1d\) | |
| cisco | nx-os | 6.0\(2\)a1\(1e\) | |
| cisco | nx-os | 6.0\(2\)a1\(1f\) | |
| cisco | nx-os | 6.0\(2\)a1\(2d\) | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)u1\(1\) | |
| cisco | nx-os | 6.0\(2\)u1\(1a\) | |
| cisco | nx-os | 6.0\(2\)u1\(2\) | |
| cisco | nx-os | 6.0\(2\)u1\(3\) | |
| cisco | nx-os | 6.0\(2\)u1\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(4.92.4z\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3172 | - | |
| cisco | nx-os | 5.2\(1\)n1\(1\) | |
| cisco | nx-os | 5.2\(1\)n1\(1a\) | |
| cisco | nx-os | 5.2\(1\)n1\(1b\) | |
| cisco | nx-os | 5.2\(1\)n1\(2\) | |
| cisco | nx-os | 5.2\(1\)n1\(2a\) | |
| cisco | nx-os | 5.2\(1\)n1\(3\) | |
| cisco | nx-os | 5.2\(1\)n1\(4\) | |
| cisco | nx-os | 5.2\(1\)n1\(5\) | |
| cisco | nx-os | 5.2\(1\)n1\(6\) | |
| cisco | nx-os | 5.2\(1\)n1\(7\) | |
| cisco | nx-os | 5.2\(1\)n1\(8\) | |
| cisco | nx-os | 5.2\(1\)n1\(8a\) | |
| cisco | nx-os | 5.2\(1\)n1\(8b\) | |
| cisco | nx-os | 5.2\(1\)n1\(9\) | |
| cisco | nx-os | 5.2\(1\)n1\(9a\) | |
| cisco | nx-os | 5.2\(1\)n1\(9b\) | |
| cisco | nx-os | 6.0\(2\)n1\(1\) | |
| cisco | nx-os | 6.0\(2\)n1\(1a\) | |
| cisco | nx-os | 6.0\(2\)n1\(2\) | |
| cisco | nx-os | 6.0\(2\)n1\(2a\) | |
| cisco | nx-os | 6.0\(2\)n2\(1\) | |
| cisco | nx-os | 6.0\(2\)n2\(1b\) | |
| cisco | nx-os | 6.0\(2\)n2\(2\) | |
| cisco | nx-os | 6.0\(2\)n2\(3\) | |
| cisco | nx-os | 6.0\(2\)n2\(4\) | |
| cisco | nx-os | 6.0\(2\)n2\(5\) | |
| cisco | nx-os | 6.0\(2\)n2\(5a\) | |
| cisco | nx-os | 6.0\(2\)n2\(5b\) | |
| cisco | nx-os | 6.0\(2\)n2\(6\) | |
| cisco | nx-os | 6.0\(2\)n2\(7\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nexus_5010 | - | |
| cisco | nexus_5020 | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | 5.2\(1\) | |
| cisco | nx-os | 5.2\(3\) | |
| cisco | nx-os | 5.2\(3a\) | |
| cisco | nx-os | 5.2\(4\) | |
| cisco | nx-os | 5.2\(5\) | |
| cisco | nx-os | 5.2\(7\) | |
| cisco | nx-os | 5.2\(9\) | |
| cisco | nx-os | 5.2\(9a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(1\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(6\)d1\(1\) | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nx-os | 6.1\(2\)i1\(2\) | |
| cisco | nx-os | 6.1\(2\)i1\(3\) | |
| cisco | nx-os | 6.1\(2\)i2\(1\) | |
| cisco | nx-os | 6.1\(2\)i2\(2\) | |
| cisco | nx-os | 6.1\(2\)i2\(2a\) | |
| cisco | nx-os | 6.1\(2\)i2\(2b\) | |
| cisco | nx-os | 6.1\(2\)i2\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(1\) | |
| cisco | nx-os | 6.1\(2\)i3\(2\) | |
| cisco | nx-os | 6.1\(2\)i3\(3\) | |
| cisco | nx-os | 6.1\(2\)i3\(3a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1\) | |
| cisco | nx-os | 7.0\(3\)i1\(1a\) | |
| cisco | nx-os | 7.0\(3\)i1\(1b\) | |
| cisco | nx-os | 7.0\(3\)i1\(1z\) | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | ucs_manager | 3.2\(3n\)a | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| digi | saros | * | |
| hp | x3220nr_firmware | * | |
| hp | x3220nr_firmware | - | |
| treck | tcp\/ip | * | |
| cisco | unified_computing_system | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8AE969C2-960D-4C09-BBCA-B757D925EB5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "5D85822F-209F-4FE3-8ED9-59EC33E71884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9180296D-7BF2-445E-92AB-002D50D8D87B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2\\):*:*:*:*:*:*:*", matchCriteriaId: "E0B7B63E-7B91-48BC-A0E7-5BDC1FCC02AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sk3\\(2.2b\\):*:*:*:*:*:*:*", matchCriteriaId: "28765813-6283-43AF-9C0E-6884B305C158", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.1\\):*:*:*:*:*:*:*", matchCriteriaId: "B3917B37-BA20-4B07-B003-B7E5F99C4A45", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2\\):*:*:*:*:*:*:*", matchCriteriaId: "BA9CEC37-A833-41D6-B3DA-9D17962D0989", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2a\\):*:*:*:*:*:*:*", matchCriteriaId: "3515BB86-5FD5-4203-B1AB-CCC8B784D091", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2b\\):*:*:*:*:*:*:*", matchCriteriaId: "5F310196-08CD-4A81-BE5C-8B484A71CD6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm1\\(5.2c\\):*:*:*:*:*:*:*", matchCriteriaId: "3B8663A9-7287-4A28-8278-124F437A2BD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "36ECC59E-23AB-44F2-982E-8EC6901F6CCF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A7ECE401-189C-4438-8B73-AED84EAEB2B3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1b\\):*:*:*:*:*:*:*", matchCriteriaId: "AEF80603-493F-41D1-B8E1-C73617AD4992", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(1.1c\\):*:*:*:*:*:*:*", matchCriteriaId: "7B5E826B-AD7D-417E-87F4-C702BFB243A0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sm3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "4FC4D1AE-FC2D-4687-BE4A-04064CCDBBA2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "95F0898B-06EC-426E-98A6-753FD1FA1250", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.2\\):*:*:*:*:*:*:*", matchCriteriaId: "48E47ECE-9070-4EC6-BEB2-B6C233419439", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.3\\):*:*:*:*:*:*:*", matchCriteriaId: "5264C81D-8FA2-4C83-A136-A5F2A298DB08", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4\\):*:*:*:*:*:*:*", matchCriteriaId: "675E1BB5-E0B5-4123-819F-641DB1277EC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.4b\\):*:*:*:*:*:*:*", matchCriteriaId: "EADE0C99-64F2-4294-A78B-782006C40F1F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5a\\):*:*:*:*:*:*:*", matchCriteriaId: "9A58D667-218D-42DA-A15F-4DA23762A71B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.5b\\):*:*:*:*:*:*:*", matchCriteriaId: "A4265ACF-8EC4-4794-A31F-28CC6CBEBFE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.6\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BE1868-1AEB-468C-8B96-A0E85A5B7064", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*", matchCriteriaId: "17C275C2-9082-47EC-B525-9EAA427A083B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.15\\):*:*:*:*:*:*:*", matchCriteriaId: "072DA31B-F629-4A39-9149-03CC339C8D01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.1\\):*:*:*:*:*:*:*", matchCriteriaId: "6C3D3F90-5552-45EA-97E6-D298D23A87A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.5\\):*:*:*:*:*:*:*", matchCriteriaId: "0D58CF7B-FCEF-4A97-A9D3-631556FCE3D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(2.8\\):*:*:*:*:*:*:*", matchCriteriaId: "650B2C45-A7F4-4104-BF7A-7C4E18CFA225", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.1\\):*:*:*:*:*:*:*", matchCriteriaId: "2F74EB97-3BC7-4CC5-A48F-57B0C4C0E108", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(3.15\\):*:*:*:*:*:*:*", matchCriteriaId: "EE71BCEF-43A3-41C4-871B-E30DD7BFE3DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1\\):*:*:*:*:*:*:*", matchCriteriaId: "CE33B6DC-0339-4D13-8AEC-7A91A386D3AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1a\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A89675-D360-4476-ADDE-FA3F0EBEC131", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:*:*:*", matchCriteriaId: "BFC48A4A-C4CC-4463-83D8-32192F3B7D8B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:hyper-v:*:*", matchCriteriaId: "71AC07A2-0A94-4531-8733-C399EC926515", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(4.1b\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "9414EB06-685B-449A-AAE0-70BF74B50F59", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.1\\):*:*:*:*:*:*:*", matchCriteriaId: "14F547DC-9941-49B8-9752-FC25D144022F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9F0C0E2-17ED-4CCB-BAFA-CD957ACC8BF6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:*:*:*", matchCriteriaId: "5266D0F6-9B69-43A9-BA66-C0A6C1293BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3\\):*:*:*:*:vsphere:*:*", matchCriteriaId: "DB787D8A-1E09-450B-A7EC-8F2C3B7A0383", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "65CDC91A-BFED-47C3-8B2E-4BEB99F73555", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A58651D4-1292-445F-985F-945E2B881AD1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)a1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "169B0759-C366-4633-99E0-0FCF8CBBB002", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "92BDA5ED-E9AF-4D9C-9D13-BADFC515670C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "F358E8D0-624B-412A-8726-B8AF96156317", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "B178F96C-78D0-466E-B201-FE5371F4610E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AFDC9595-39D4-4BF8-AF18-D27A500C9007", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "7241BFDB-6386-4CBE-ACFB-4599EDE9CB53", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AF7CE90-9433-4E1D-A2AD-0B8854521CCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "171160E9-F6B8-4C8A-B086-431E3E2A27BA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "9CAFAE6E-8B64-4A1F-A7E4-2D4BDFB7D5B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "91C35886-CB9B-4477-9AB3-9F1C9E45E757", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "7F393BE8-8CC4-4302-829F-2C4F97BAC14B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "CE855B3E-B2B8-4EBA-8303-55F6A5A77E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "641D651A-B85B-4E9E-BE92-35AFAE8A63A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7810F6FD-F58F-4121-9D30-8C5E3E163EFD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "09C38DCD-2A5F-4095-ABA4-02E95D93C358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "103A4C19-0E91-45FC-9AA2-F40215FCF63B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F61C03B-D7AB-468A-B092-158730FB3E0B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7F883AA8-CC44-4440-AB30-D7AC29C242F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "7390B4D2-2121-4311-A798-337E8B777A7B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "924C6663-9EA0-4124-ACC6-0AFC649AEA6D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "3C559C83-FB34-4B1A-A6B3-1834D6CD022C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "7F422D53-4FF4-43FB-8F62-D53393A8C038", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "7CFFFE88-17EA-4515-BF71-C0AB82957B21", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "6EF14E5C-B776-4A04-A5CC-853CFF2816B9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1g\\):*:*:*:*:*:*:*", matchCriteriaId: "EF7E681A-F354-4093-84A9-5A357EAB1559", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1h\\):*:*:*:*:*:*:*", matchCriteriaId: "8B627C66-CFE1-40B9-8264-392BB091EA52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1i\\):*:*:*:*:*:*:*", matchCriteriaId: "512B7DAC-3929-4063-9AA4-0C6B1E3047A5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u5\\(1j\\):-:*:*:*:*:*:*", matchCriteriaId: "E51725F9-753E-4D03-B132-38EB0A00BC3E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "CA76DC9B-8325-4BF6-B729-FA781E88E7AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "26BC5100-7F5D-4603-A313-00767C6DA96F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "A2EA595C-6A01-4D8D-9CB9-F280D540D3FC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "882CE57A-B06D-4E93-A181-B74017ABBCC4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "60848441-E3E5-47E8-809B-0B226658425E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1e\\):*:*:*:*:*:*:*", matchCriteriaId: "3A196373-F643-4D7E-8DC7-8FFD60660B46", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(1f\\):*:*:*:*:*:*:*", matchCriteriaId: "090903C2-4B6A-4DE5-9AD6-76A412E81A92", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a1\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "7AF52EFA-7DE0-4669-ABA9-596D7D9A23AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF658ED7-F77C-405B-B06A-74B46FBDAD98", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7295EC54-FA19-4658-8510-3C072804D9E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B31E39D5-147B-4965-ACB6-34F1244143F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3D672928-6AE8-488B-A2A5-257074BAB2D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E64D8992-CA79-4ADF-BF3B-A76E944EC740", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "11A35378-54EB-422F-B0DD-211B214803D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "1E46D326-665C-4DB7-89A0-0F1B987D4A18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5BFA21F2-E2B2-49B6-9956-D6219D499F7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "52899164-992D-4736-B460-FDFB825DB7A8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "8766DA4C-A25C-48D4-A6FC-2357200A9215", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "B6C48105-F73E-40C9-8CD9-B46C5319FB5E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "94F5B47A-023B-4415-8DB9-6829C5E72901", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4.92.4z\\):*:*:*:*:*:*:*", matchCriteriaId: "AF23DA92-A5C0-488B-806E-8549190A08B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "625BE6B1-12A7-4A8A-A816-E82C026E0457", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "4EAC2920-462B-44F0-8E93-7875C2F74592", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "35957A41-D8F2-4BC1-986B-C3E271327D64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "4301927C-7A6D-4DA9-9470-9182E7FB234A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C775E53-781D-4426-A59B-DB65D697A844", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "619DEAAE-3356-4079-8CC8-F477FCA18199", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "757A0C8E-4817-41DD-A609-2B61C36DBBCB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3AECFED5-8D06-4396-BDD2-AAA0F5241839", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "772A297E-E323-4D2D-9129-6C4FC63643DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "149ABB41-A8FF-4A8F-888E-F27BDAAE9C0C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "6918EB91-679A-4F47-BB9E-3A22287F14FD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "A0464AAE-73CF-4B24-A5CE-5C1131909CF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "68376361-C835-4552-8490-553C9A082615", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "270620E3-92B7-4914-88C7-9D955B2B856E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A8E48600-FD20-4743-A3E8-AD5297164551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "4A10C1B6-616E-4F94-8889-9C99906326D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "01A091A5-2848-4901-B193-1EC9DD8A52E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "380FEA27-D68C-48DA-B2B9-4A3B3A71B059", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "3EAF9D9A-BFA7-43B2-BCF5-D4AE884AFB44", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "31224B4A-CE5F-4B6E-8BAD-DF5BAA7EEB78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9a\\):*:*:*:*:*:*:*", matchCriteriaId: "B64B9F42-0779-439F-ABF9-4183B9A10D88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)n1\\(9b\\):*:*:*:*:*:*:*", matchCriteriaId: "704B6AA4-D001-45B6-9E84-10F7E70CD9DE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C871A419-B769-46B2-956E-467BBE94F290", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "1AB525D6-6E1B-4806-A981-F0FEA87E516B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "7EACF481-3E4B-4580-8AE7-3D49790E0715", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "698ABD3F-C9DE-4376-B57A-D05AEDCD9A25", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "5010EDAE-67BB-4E23-B0F5-10096A7DAB54", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "84CF5114-731F-4BF4-83E0-9B095C34541C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4750621F-E7C5-4E6A-BC5F-232E75A454E6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08F35A63-9343-47D6-AB91-37AB148137E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "CADBDD1D-DA17-40EE-8B23-81E9991387DD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A623F8E1-B97B-41DD-947F-7E1B65DD6902", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "4F3D9588-D98A-45FC-8344-58C55F35610E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "90C2E584-4BA6-48E7-8C56-A7F7D9BABC93", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "4A190D0A-B758-49BA-9830-9870F699DA0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)n2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "EF5613C4-6D05-4CF3-931F-F685150494DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A462729A-720F-4180-96DD-713A70CEF494", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "832DE1DB-0D1C-4C24-8E2D-D182205C94B0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*", matchCriteriaId: "D0FBFB9B-703D-42F8-93BA-969AB7284106", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C95519E-7536-4EF7-8222-D4089500F826", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "71F56568-57E6-4C1C-AC8A-D96E097E449E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F631EAC6-1D33-485E-9E00-8572FA015C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "25CEAE9E-DD9B-41E2-BC39-3332F428B489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C801D4A-E604-49CA-8D14-13622E85C563", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "EC78BEB7-47D1-4544-BC40-AB5D73B93D78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "A1F519D0-64BC-4862-8894-4F6C248253C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "94A247A8-E918-4757-9ADE-251B027CD307", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "195CD630-4949-4B52-B9FF-94F3DEFB47AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "225E5070-B635-4752-B771-0E721C96C2AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9E5CD729-234E-43C0-A6A3-A3E0983A6605", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4A30E576-56F8-4EBA-AADE-C70655DE6E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "74415A0A-A3F4-43BB-B609-B6641771D655", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "94AA886F-7BD1-4699-B1D3-E495EFCA2812", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "41A683FE-68AF-43E4-B846-2E82ACDD5E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C8B149C-D842-496A-BE21-41920F95139C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "1A727000-44CC-461C-A7D6-0B9A99CB974A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "105B6601-D756-4B76-9554-5B6E027A5E8E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B1340D1-8EE8-484F-979A-AB9E34D35EB3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6AE0D110-D8D7-4D50-A599-618A5120EDD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\):-:*:*:*:*:*:*", matchCriteriaId: "1D901758-5416-422A-A745-89EF53C5ADF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "BB17004B-E1FE-4BE6-89A3-43AC2D967000", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "0C628947-4A0E-4904-A6F7-745C3370A8F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "356B4143-5184-491B-9D10-19D6536366CD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "C038896F-6DBC-4695-9DBE-A60F6C39AFFC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "9F2453F2-704F-48F7-8009-991BE0B49251", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E00B4AC8-1D27-4394-AF28-10785AEFC073", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(9a\\):*:*:*:*:*:*:*", matchCriteriaId: "7AA95379-A172-4262-8B34-A912E47BFB2D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*", matchCriteriaId: "65CCE422-71DB-4500-AC91-9FB4DD5924A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*", matchCriteriaId: "C37B944B-CFB6-41F6-B4ED-049BEB3732E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C18A0045-87F3-4782-81C5-0BF615EA9346", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FF9B10D1-29C0-4B16-813A-B535C4C64E47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "84551391-3A13-42EC-855F-FBB3453F65D4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "42D84BD8-D76B-422E-9E46-4A667A981FAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0DFA7E-9B40-4E82-9EB9-886C79B2D61C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CD1CA5A5-703E-46B1-A4C8-EF8FAD58049E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "48889960-437F-4848-9D91-DF8BAA118C63", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1BB0F49B-85C0-4C52-82E0-C2683D43B553", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "9ABB647D-B91E-4C2F-9FBE-1C9AAB27E2D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "384B7337-1C2F-479E-BB2B-F31320D82EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "9ED50316-7044-4757-9C51-5543BA5693A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "1CB11917-C606-4025-A91A-596F7D47A311", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69B757AE-83C8-4194-9BAE-DBECA2021597", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "EB1A44C9-147B-4D1F-AB98-EB4F9F8C1C3D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "702EF8D5-1F3F-45EF-AC8D-BD5A9E46A78E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "30AE9092-DCF1-472F-B26D-E5BAA8DF25DC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C775E53-781D-4426-A59B-DB65D697A844", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "619DEAAE-3356-4079-8CC8-F477FCA18199", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "3DFE4CA5-42CC-4D81-B044-2D4EDFA37AA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:3.2\\(3n\\)a:*:*:*:*:*:*:*", matchCriteriaId: "13FF5911-F491-4741-8602-31CB00884520", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:digi:saros:*:*:*:*:*:*:*:*", matchCriteriaId: "C98B5C59-8AF6-448B-AB76-BB3FAA7D4DD6", versionEndExcluding: "8.1.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:hp:x3220nr_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A230831D-5238-49D4-9137-AB51BA84FEE5", versionEndExcluding: "3.00.11.08", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:x3220nr_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "778ED36E-19A5-4BB7-A0C2-D7695DCC84C1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:treck:tcp\\/ip:*:*:*:*:*:*:*:*", matchCriteriaId: "197CE9E4-02C7-4C1F-87D2-DFD6FF636DF2", versionEndExcluding: "6.0.1.67", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:unified_computing_system:-:*:*:*:*:*:*:*", matchCriteriaId: "B944AB06-2598-431A-B6A6-0C108EBDCD5C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.", }, { lang: "es", value: "Múltiples productos que implementan la IP Encapsulation dentro del estándar IP (RFC 2003, STD 1) desencapsulan y enrutan el tráfico IP-in-IP sin ninguna comprobación, lo que podría permitir a un atacante remoto no autenticado enrutar tráfico arbitrario por medio de una interfaz de red expuesta y conllevar a una falsificación, omisión de control de acceso y otros comportamientos inesperados de la red.", }, ], id: "CVE-2020-10136", lastModified: "2024-11-21T04:54:53.377", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-02T09:15:09.967", references: [ { source: "cret@cert.org", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/636397/", }, { source: "cret@cert.org", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", ], url: "https://www.digi.com/resources/security", }, { source: "cret@cert.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/636397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://datatracker.ietf.org/doc/html/rfc6169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://kb.cert.org/vuls/id/636397/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ipip-dos-kCT9X4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.digi.com/resources/security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/636397", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-290", }, ], source: "cret@cert.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-290", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | 3.1\(1k\)a | |
| cisco | ucs_6120xp | - | |
| cisco | ucs_6140xp | - | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_9300_security_appliance | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(1k\\)a:*:*:*:*:*:*:*", matchCriteriaId: "0EA36065-8E6E-4B44-9275-6E66D764E752", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "63CFEFD0-F2F2-4220-903C-A11446902C4D", versionEndExcluding: "1.1.4.169", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2695D838-79D5-4C2F-8B41-0900AABAAE48", versionEndExcluding: "2.0.1.135", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, { lang: "es", value: "Una vulnerabilidad en el analizador de la interfaz de línea de comandos de Cisco FXOS y Cisco UCS Fabric Interconnect Software podría permitir que un atacante local autenticado provoque un desbordamiento de búfer en un sistema afectado. Esta vulnerabilidad se debe a la validación de entradas incorrecta en el subsistema del analizador de la interfaz de línea de comandos. Un atacante podría explotar esta vulnerabilidad sobrepasando la longitud esperada de la entrada de usuario. Su explotación con éxito podría permitir que el atacante ejecute código arbitrario con privilegios root en el sistema afectado. Esta vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61099, CSCvb86743.", }, ], id: "CVE-2018-0302", lastModified: "2024-11-21T03:37:56.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.367", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxos-ace", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_extensible_operating_system | * | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4112 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - | |
| cisco | nx-os | 6.0\(2\)a3\(1\) | |
| cisco | nx-os | 6.0\(2\)a3\(2\) | |
| cisco | nx-os | 6.0\(2\)a3\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(1\) | |
| cisco | nx-os | 6.0\(2\)a4\(2\) | |
| cisco | nx-os | 6.0\(2\)a4\(3\) | |
| cisco | nx-os | 6.0\(2\)a4\(4\) | |
| cisco | nx-os | 6.0\(2\)a4\(5\) | |
| cisco | nx-os | 6.0\(2\)a4\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(1\) | |
| cisco | nx-os | 6.0\(2\)a6\(1a\) | |
| cisco | nx-os | 6.0\(2\)a6\(2\) | |
| cisco | nx-os | 6.0\(2\)a6\(2a\) | |
| cisco | nx-os | 6.0\(2\)a6\(3\) | |
| cisco | nx-os | 6.0\(2\)a6\(3a\) | |
| cisco | nx-os | 6.0\(2\)a6\(4\) | |
| cisco | nx-os | 6.0\(2\)a6\(4a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5\) | |
| cisco | nx-os | 6.0\(2\)a6\(5a\) | |
| cisco | nx-os | 6.0\(2\)a6\(5b\) | |
| cisco | nx-os | 6.0\(2\)a6\(6\) | |
| cisco | nx-os | 6.0\(2\)a6\(7\) | |
| cisco | nx-os | 6.0\(2\)a6\(8\) | |
| cisco | nx-os | 6.0\(2\)a7\(1\) | |
| cisco | nx-os | 6.0\(2\)a7\(1a\) | |
| cisco | nx-os | 6.0\(2\)a7\(2\) | |
| cisco | nx-os | 6.0\(2\)a7\(2a\) | |
| cisco | nx-os | 6.0\(2\)a8 | |
| cisco | nx-os | 6.0\(2\)a8\(1\) | |
| cisco | nx-os | 6.0\(2\)a8\(2\) | |
| cisco | nx-os | 6.0\(2\)a8\(3\) | |
| cisco | nx-os | 6.0\(2\)a8\(4\) | |
| cisco | nx-os | 6.0\(2\)a8\(4a\) | |
| cisco | nx-os | 6.0\(2\)a8\(5\) | |
| cisco | nx-os | 6.0\(2\)a8\(6\) | |
| cisco | nx-os | 6.0\(2\)a8\(6.213\) | |
| cisco | nx-os | 6.0\(2\)a8\(7\) | |
| cisco | nx-os | 6.0\(2\)a8\(7a\) | |
| cisco | nx-os | 6.0\(2\)a8\(7b\) | |
| cisco | nx-os | 6.0\(2\)a8\(8\) | |
| cisco | nx-os | 6.0\(2\)a8\(9\) | |
| cisco | nx-os | 6.0\(2\)a8\(9.7\) | |
| cisco | nx-os | 6.0\(2\)a8\(10\) | |
| cisco | nx-os | 6.0\(2\)a8\(10a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11\) | |
| cisco | nx-os | 6.0\(2\)a8\(11a\) | |
| cisco | nx-os | 6.0\(2\)a8\(11b\) | |
| cisco | nx-os | 6.0\(2\)u2\(1\) | |
| cisco | nx-os | 6.0\(2\)u2\(2\) | |
| cisco | nx-os | 6.0\(2\)u2\(3\) | |
| cisco | nx-os | 6.0\(2\)u2\(4\) | |
| cisco | nx-os | 6.0\(2\)u2\(5\) | |
| cisco | nx-os | 6.0\(2\)u2\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(1\) | |
| cisco | nx-os | 6.0\(2\)u3\(2\) | |
| cisco | nx-os | 6.0\(2\)u3\(3\) | |
| cisco | nx-os | 6.0\(2\)u3\(4\) | |
| cisco | nx-os | 6.0\(2\)u3\(5\) | |
| cisco | nx-os | 6.0\(2\)u3\(6\) | |
| cisco | nx-os | 6.0\(2\)u3\(7\) | |
| cisco | nx-os | 6.0\(2\)u3\(8\) | |
| cisco | nx-os | 6.0\(2\)u3\(9\) | |
| cisco | nx-os | 6.0\(2\)u4\(1\) | |
| cisco | nx-os | 6.0\(2\)u4\(2\) | |
| cisco | nx-os | 6.0\(2\)u4\(3\) | |
| cisco | nx-os | 6.0\(2\)u4\(4\) | |
| cisco | nx-os | 6.0\(2\)u5\(1\) | |
| cisco | nx-os | 6.0\(2\)u5\(2\) | |
| cisco | nx-os | 6.0\(2\)u5\(3\) | |
| cisco | nx-os | 6.0\(2\)u5\(4\) | |
| cisco | nx-os | 6.0\(2\)u6 | |
| cisco | nx-os | 6.0\(2\)u6\(0.46\) | |
| cisco | nx-os | 6.0\(2\)u6\(1\) | |
| cisco | nx-os | 6.0\(2\)u6\(1a\) | |
| cisco | nx-os | 6.0\(2\)u6\(2\) | |
| cisco | nx-os | 6.0\(2\)u6\(2a\) | |
| cisco | nx-os | 6.0\(2\)u6\(3\) | |
| cisco | nx-os | 6.0\(2\)u6\(3a\) | |
| cisco | nx-os | 6.0\(2\)u6\(4\) | |
| cisco | nx-os | 6.0\(2\)u6\(4a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5\) | |
| cisco | nx-os | 6.0\(2\)u6\(5a\) | |
| cisco | nx-os | 6.0\(2\)u6\(5b\) | |
| cisco | nx-os | 6.0\(2\)u6\(5c\) | |
| cisco | nx-os | 6.0\(2\)u6\(6\) | |
| cisco | nx-os | 6.0\(2\)u6\(7\) | |
| cisco | nx-os | 6.0\(2\)u6\(8\) | |
| cisco | nx-os | 6.0\(2\)u6\(9\) | |
| cisco | nx-os | 6.0\(2\)u6\(10\) | |
| cisco | nx-os | 6.0\(2\)u6\(10a\) | |
| cisco | nx-os | 6.2\(2\) | |
| cisco | nx-os | 6.2\(2a\) | |
| cisco | nx-os | 6.2\(3\) | |
| cisco | nx-os | 6.2\(3n\) | |
| cisco | nx-os | 6.2\(5\) | |
| cisco | nx-os | 6.2\(5a\) | |
| cisco | nx-os | 6.2\(6\) | |
| cisco | nx-os | 6.2\(6a\) | |
| cisco | nx-os | 6.2\(6b\) | |
| cisco | nx-os | 6.2\(7\) | |
| cisco | nx-os | 6.2\(8\) | |
| cisco | nx-os | 6.2\(8a\) | |
| cisco | nx-os | 6.2\(8b\) | |
| cisco | nx-os | 6.2\(10\) | |
| cisco | nx-os | 6.2\(11b\) | |
| cisco | nx-os | 6.2\(12\) | |
| cisco | nx-os | 6.2\(14\) | |
| cisco | nx-os | 6.2\(14a\) | |
| cisco | nx-os | 6.2\(14b\) | |
| cisco | nx-os | 6.2\(16\) | |
| cisco | nx-os | 6.2\(18\) | |
| cisco | nx-os | 6.2\(20\) | |
| cisco | nx-os | 6.2\(20a\) | |
| cisco | nx-os | 6.2\(22\) | |
| cisco | nx-os | 6.2\(24\) | |
| cisco | nx-os | 6.2\(25\) | |
| cisco | nx-os | 6.2\(27\) | |
| cisco | nx-os | 7.0\(0\)n1\(1\) | |
| cisco | nx-os | 7.0\(1\)n1\(1\) | |
| cisco | nx-os | 7.0\(2\)n1\(1\) | |
| cisco | nx-os | 7.0\(3\)f1 | |
| cisco | nx-os | 7.0\(3\)f2 | |
| cisco | nx-os | 7.0\(3\)f3 | |
| cisco | nx-os | 7.0\(3\)f3\(1\) | |
| cisco | nx-os | 7.0\(3\)f3\(2\) | |
| cisco | nx-os | 7.0\(3\)f3\(3\) | |
| cisco | nx-os | 7.0\(3\)f3\(3a\) | |
| cisco | nx-os | 7.0\(3\)f3\(3b\) | |
| cisco | nx-os | 7.0\(3\)f3\(3c\) | |
| cisco | nx-os | 7.0\(3\)f3\(4\) | |
| cisco | nx-os | 7.0\(3\)f3\(5\) | |
| cisco | nx-os | 7.0\(3\)i2\(1\) | |
| cisco | nx-os | 7.0\(3\)i2\(1a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2\) | |
| cisco | nx-os | 7.0\(3\)i2\(2a\) | |
| cisco | nx-os | 7.0\(3\)i2\(2b\) | |
| cisco | nx-os | 7.0\(3\)i2\(2c\) | |
| cisco | nx-os | 7.0\(3\)i2\(2d\) | |
| cisco | nx-os | 7.0\(3\)i2\(2e\) | |
| cisco | nx-os | 7.0\(3\)i2\(2r\) | |
| cisco | nx-os | 7.0\(3\)i2\(2s\) | |
| cisco | nx-os | 7.0\(3\)i2\(2v\) | |
| cisco | nx-os | 7.0\(3\)i2\(2w\) | |
| cisco | nx-os | 7.0\(3\)i2\(2x\) | |
| cisco | nx-os | 7.0\(3\)i2\(2y\) | |
| cisco | nx-os | 7.0\(3\)i3\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1\) | |
| cisco | nx-os | 7.0\(3\)i4\(1t\) | |
| cisco | nx-os | 7.0\(3\)i4\(2\) | |
| cisco | nx-os | 7.0\(3\)i4\(3\) | |
| cisco | nx-os | 7.0\(3\)i4\(4\) | |
| cisco | nx-os | 7.0\(3\)i4\(5\) | |
| cisco | nx-os | 7.0\(3\)i4\(6\) | |
| cisco | nx-os | 7.0\(3\)i4\(6t\) | |
| cisco | nx-os | 7.0\(3\)i4\(7\) | |
| cisco | nx-os | 7.0\(3\)i4\(8\) | |
| cisco | nx-os | 7.0\(3\)i4\(8a\) | |
| cisco | nx-os | 7.0\(3\)i4\(8b\) | |
| cisco | nx-os | 7.0\(3\)i4\(8z\) | |
| cisco | nx-os | 7.0\(3\)i4\(9\) | |
| cisco | nx-os | 7.0\(3\)i5 | |
| cisco | nx-os | 7.0\(3\)i5\(1\) | |
| cisco | nx-os | 7.0\(3\)i5\(2\) | |
| cisco | nx-os | 7.0\(3\)i5\(3\) | |
| cisco | nx-os | 7.0\(3\)i5\(3a\) | |
| cisco | nx-os | 7.0\(3\)i5\(3b\) | |
| cisco | nx-os | 7.0\(3\)i6\(1\) | |
| cisco | nx-os | 7.0\(3\)i6\(2\) | |
| cisco | nx-os | 7.0\(3\)i7 | |
| cisco | nx-os | 7.0\(3\)i7\(1\) | |
| cisco | nx-os | 7.0\(3\)i7\(2\) | |
| cisco | nx-os | 7.0\(3\)i7\(3\) | |
| cisco | nx-os | 7.0\(3\)i7\(3z\) | |
| cisco | nx-os | 7.0\(3\)i7\(4\) | |
| cisco | nx-os | 7.0\(3\)i7\(5\) | |
| cisco | nx-os | 7.0\(3\)i7\(5a\) | |
| cisco | nx-os | 7.0\(3\)i7\(6\) | |
| cisco | nx-os | 7.0\(3\)i7\(6z\) | |
| cisco | nx-os | 7.0\(3\)i7\(7\) | |
| cisco | nx-os | 7.0\(3\)i7\(8\) | |
| cisco | nx-os | 7.0\(3\)ia7\(1\) | |
| cisco | nx-os | 7.0\(3\)ia7\(2\) | |
| cisco | nx-os | 7.0\(3\)ic4\(4\) | |
| cisco | nx-os | 7.0\(3\)im3\(1\) | |
| cisco | nx-os | 7.0\(3\)im3\(2\) | |
| cisco | nx-os | 7.0\(3\)im3\(2a\) | |
| cisco | nx-os | 7.0\(3\)im3\(2b\) | |
| cisco | nx-os | 7.0\(3\)im3\(3\) | |
| cisco | nx-os | 7.0\(3\)im7\(2\) | |
| cisco | nx-os | 7.0\(3\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1\) | |
| cisco | nx-os | 7.0\(4\)n1\(1a\) | |
| cisco | nx-os | 7.0\(5\)n1\(1\) | |
| cisco | nx-os | 7.0\(5\)n1\(1a\) | |
| cisco | nx-os | 7.0\(6\)n1\(1\) | |
| cisco | nx-os | 7.0\(6\)n1\(2s\) | |
| cisco | nx-os | 7.0\(6\)n1\(3s\) | |
| cisco | nx-os | 7.0\(6\)n1\(4s\) | |
| cisco | nx-os | 7.0\(7\)n1\(1\) | |
| cisco | nx-os | 7.0\(7\)n1\(1a\) | |
| cisco | nx-os | 7.0\(7\)n1\(1b\) | |
| cisco | nx-os | 7.0\(8\)n1\(1\) | |
| cisco | nx-os | 7.0\(8\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1\) | |
| cisco | nx-os | 7.1\(0\)n1\(1a\) | |
| cisco | nx-os | 7.1\(0\)n1\(1b\) | |
| cisco | nx-os | 7.1\(0.1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1\) | |
| cisco | nx-os | 7.1\(1\)n1\(1a\) | |
| cisco | nx-os | 7.1\(2\)n1\(1\) | |
| cisco | nx-os | 7.1\(2\)n1\(1a\) | |
| cisco | nx-os | 7.1\(3\)n1\(1\) | |
| cisco | nx-os | 7.1\(3\)n1\(2\) | |
| cisco | nx-os | 7.1\(3\)n1\(2a\) | |
| cisco | nx-os | 7.1\(3\)n1\(3\) | |
| cisco | nx-os | 7.1\(3\)n1\(4\) | |
| cisco | nx-os | 7.1\(3\)n1\(5\) | |
| cisco | nx-os | 7.1\(4\)n1\(1\) | |
| cisco | nx-os | 7.1\(4\)n1\(1a\) | |
| cisco | nx-os | 7.1\(4\)n1\(1c\) | |
| cisco | nx-os | 7.1\(4\)n1\(1d\) | |
| cisco | nx-os | 7.1\(5\)n1\(1\) | |
| cisco | nx-os | 7.1\(5\)n1\(1b\) | |
| cisco | nx-os | 7.2\(0\)d1\(1\) | |
| cisco | nx-os | 7.2\(0\)n1\(1\) | |
| cisco | nx-os | 7.2\(1\)d\(1\) | |
| cisco | nx-os | 7.2\(1\)n1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(1\) | |
| cisco | nx-os | 7.2\(2\)d1\(2\) | |
| cisco | nx-os | 7.2\(2\)d1\(3\) | |
| cisco | nx-os | 7.2\(2\)d1\(4\) | |
| cisco | nx-os | 7.3\(0\)d1\(1\) | |
| cisco | nx-os | 7.3\(0\)dx\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1\) | |
| cisco | nx-os | 7.3\(0\)n1\(1a\) | |
| cisco | nx-os | 7.3\(0\)n1\(1b\) | |
| cisco | nx-os | 7.3\(1\)d1\(1\) | |
| cisco | nx-os | 7.3\(1\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1\) | |
| cisco | nx-os | 7.3\(2\)d1\(1d\) | |
| cisco | nx-os | 7.3\(2\)d1\(2\) | |
| cisco | nx-os | 7.3\(2\)d1\(3\) | |
| cisco | nx-os | 7.3\(2\)d1\(3a\) | |
| cisco | nx-os | 7.3\(2\)n1\(1\) | |
| cisco | nx-os | 7.3\(2\)n1\(1b\) | |
| cisco | nx-os | 7.3\(2\)n1\(1c\) | |
| cisco | nx-os | 7.3\(3\)d1\(1\) | |
| cisco | nx-os | 7.3\(3\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)d1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1\) | |
| cisco | nx-os | 7.3\(4\)n1\(1a\) | |
| cisco | nx-os | 7.3\(5\)d1\(1\) | |
| cisco | nx-os | 7.3\(5\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1\) | |
| cisco | nx-os | 7.3\(6\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1\) | |
| cisco | nx-os | 7.3\(7\)n1\(1a\) | |
| cisco | nx-os | 7.3\(7\)n1\(1b\) | |
| cisco | nx-os | 8.0\(1\) | |
| cisco | nx-os | 8.1\(1\) | |
| cisco | nx-os | 8.1\(1a\) | |
| cisco | nx-os | 8.1\(1b\) | |
| cisco | nx-os | 8.1\(2\) | |
| cisco | nx-os | 8.1\(2a\) | |
| cisco | nx-os | 8.2\(1\) | |
| cisco | nx-os | 8.2\(2\) | |
| cisco | nx-os | 8.2\(3\) | |
| cisco | nx-os | 8.2\(4\) | |
| cisco | nx-os | 8.2\(5\) | |
| cisco | nx-os | 8.3\(1\) | |
| cisco | nx-os | 8.3\(2\) | |
| cisco | nx-os | 8.4\(1\) | |
| cisco | nx-os | 8.4\(1a\) | |
| cisco | nx-os | 9.2\(1\) | |
| cisco | nx-os | 9.2\(2\) | |
| cisco | nx-os | 9.2\(2t\) | |
| cisco | nx-os | 9.2\(2v\) | |
| cisco | nx-os | 9.2\(3\) | |
| cisco | nx-os | 9.2\(3y\) | |
| cisco | nx-os | 9.3\(1\) | |
| cisco | nx-os | 9.3\(1z\) | |
| cisco | nx-os | 9.3\(2\) | |
| cisco | nx-os | 9.3\(3\) | |
| cisco | mds_9100 | - | |
| cisco | mds_9200 | - | |
| cisco | mds_9500 | - | |
| cisco | mds_9700 | - | |
| cisco | nexus_3016 | - | |
| cisco | nexus_3048 | - | |
| cisco | nexus_3064 | - | |
| cisco | nexus_3064-t | - | |
| cisco | nexus_31108pc-v | - | |
| cisco | nexus_31108tc-v | - | |
| cisco | nexus_31128pq | - | |
| cisco | nexus_3132c-z | - | |
| cisco | nexus_3132q | - | |
| cisco | nexus_3132q-v | - | |
| cisco | nexus_3132q-xl | - | |
| cisco | nexus_3164q | - | |
| cisco | nexus_3172 | - | |
| cisco | nexus_3172pq-xl | - | |
| cisco | nexus_3172tq | - | |
| cisco | nexus_3172tq-32t | - | |
| cisco | nexus_3172tq-xl | - | |
| cisco | nexus_3232c | - | |
| cisco | nexus_3264c-e | - | |
| cisco | nexus_3264q | - | |
| cisco | nexus_3408-s | - | |
| cisco | nexus_34180yc | - | |
| cisco | nexus_3432d-s | - | |
| cisco | nexus_3464c | - | |
| cisco | nexus_3524 | - | |
| cisco | nexus_3524-x | - | |
| cisco | nexus_3524-xl | - | |
| cisco | nexus_3548 | - | |
| cisco | nexus_3548-x | - | |
| cisco | nexus_3548-xl | - | |
| cisco | nexus_36180yc-r | - | |
| cisco | nexus_3636c-r | - | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nexus_7000 | - | |
| cisco | nexus_7700 | - | |
| cisco | nexus_9000v | - | |
| cisco | nexus_92160yc-x | - | |
| cisco | nexus_92300yc | - | |
| cisco | nexus_92304qc | - | |
| cisco | nexus_92348gc-x | - | |
| cisco | nexus_9236c | - | |
| cisco | nexus_9272q | - | |
| cisco | nexus_93108tc-ex | - | |
| cisco | nexus_93108tc-fx | - | |
| cisco | nexus_93120tx | - | |
| cisco | nexus_93128tx | - | |
| cisco | nexus_93180lc-ex | - | |
| cisco | nexus_93180yc-ex | - | |
| cisco | nexus_93180yc-fx | - | |
| cisco | nexus_93216tc-fx2 | - | |
| cisco | nexus_93240yc-fx2 | - | |
| cisco | nexus_9332c | - | |
| cisco | nexus_9332pq | - | |
| cisco | nexus_93360yc-fx2 | - | |
| cisco | nexus_9336c-fx2 | - | |
| cisco | nexus_9336pq_aci_spine | - | |
| cisco | nexus_9348gc-fxp | - | |
| cisco | nexus_9364c | - | |
| cisco | nexus_9372px | - | |
| cisco | nexus_9372px-e | - | |
| cisco | nexus_9372tx | - | |
| cisco | nexus_9372tx-e | - | |
| cisco | nexus_9396px | - | |
| cisco | nexus_9396tx | - | |
| cisco | nexus_9504 | - | |
| cisco | nexus_9508 | - | |
| cisco | nexus_9516 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6300 | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "AECBA131-0D2F-466D-847B-60F72199C90E", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "B3A7CA3B-47C2-4721-B8A9-14C2C02969E0", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF658ED7-F77C-405B-B06A-74B46FBDAD98", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "4F0FDDF2-912C-4900-B0B7-20AF5D2F1B52", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "7295EC54-FA19-4658-8510-3C072804D9E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B31E39D5-147B-4965-ACB6-34F1244143F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3D672928-6AE8-488B-A2A5-257074BAB2D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C928C35-4E24-4DBE-ADEA-D449B88ECB6B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "E64D8992-CA79-4ADF-BF3B-A76E944EC740", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "11A35378-54EB-422F-B0DD-211B214803D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "1E46D326-665C-4DB7-89A0-0F1B987D4A18", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "73B9FE4E-0C82-4511-9A4A-DCBFEB93DE87", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "BB8F0200-7BCA-49E9-98E0-D825630D77FF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "61FCA143-FDAB-472D-B9E1-F7CB4041BBE1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "61F736DD-44FE-4A20-AF89-4B29725608A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8844860D-427F-4B01-980A-59B082F26034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "CCA96B43-0793-4784-A971-DD442EBFF6BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "B13305C9-008F-488A-ADC7-0724AFB313DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "50DFAF49-0688-4A5A-9023-E2543164D89C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "46376F5C-2CF0-46F1-ADCF-870065A24D12", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "5EB6C0E3-9B92-4768-93BB-8B8626EB164A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "F4EA572E-5F4F-45F1-B7A1-346F723C2BDD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EA3CBB-EAF7-4837-96AF-0258220C4A5A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "5E6FB730-84CD-496D-9140-BC9375548D14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "BD712B88-298A-4488-A053-67CB45190F57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4ED5F397-D3E6-4A4A-BF38-6B295A6AB9BE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "11D98EBD-9D82-492E-A3A6-62D95404D5C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "56D91C38-76AB-47F5-BDDE-E940D87C34F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a7\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF78015A-5C28-4FD2-915E-EC343201A9D8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8:*:*:*:*:*:*:*", matchCriteriaId: "9DCBF1FE-C124-4DBA-B127-D484D5C9110C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "31308B18-062C-4DB8-9241-F15661C06398", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "ED17D340-9C18-4B1E-BA15-CAE2ADAAD38E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "310856A9-CA62-4C1A-A4C9-B6EECC36F496", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "3D295366-662E-4C8E-9758-3DB801E0ABA8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "F09360A9-3FB1-465F-977E-643942D01FE8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "6A97A6BE-A27A-4D53-AB63-2A2631F20EAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "3F034BF4-31E6-46FB-B082-EA22FFE51AAB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(6.213\\):*:*:*:*:*:*:*", matchCriteriaId: "17B9D603-75C0-4241-BD4B-3C891A2C5BD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "063BB311-EC8D-43E5-9B9D-56C96121EB9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7a\\):*:*:*:*:*:*:*", matchCriteriaId: "003AAC03-306E-4D12-B4C7-7ECA4ED88884", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(7b\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0DAA33-3841-4C14-A137-93E1810CC866", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "ACD5B480-2780-48EB-B361-4EF4833D97E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "B0500999-E48F-4FE1-9B92-C1E179651CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(9.7\\):*:*:*:*:*:*:*", matchCriteriaId: "98CFE9BB-7BFE-4782-B602-2C6A1392693F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "629488D4-D8A4-4152-A4D3-E951F199C6DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "2D8F0A63-8229-46E8-94A6-CDBB1E8F91E5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD3C773-0B71-4FF2-9DCD-2875CFDE3308", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11a\\):*:*:*:*:*:*:*", matchCriteriaId: "B07F6A0D-82C3-4C2C-9715-3D07083E6F56", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)a8\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "03901678-2CCB-4ED5-AF04-D8469BF12804", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "618861BD-8FEE-4EF8-BFFB-A5BCBA8EA3EB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6459DD6B-6DC1-4C14-A8E7-4503ED5F69BD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DA600413-FC70-4776-99DF-180C96D4FD24", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "ECC9066F-3082-48A0-BA52-9ED9420EA47A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "78611E25-E33E-4C88-A681-97B5A2A01B51", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "780B04ED-412E-441F-8717-D8F9257F5699", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC6A3647-2AF0-4D45-BCC9-24618B43ACBF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AD2AABBD-8680-4615-A4E2-B607CB1B0979", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "693F444B-FA34-489C-BB45-E9185DE47816", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "13669043-3F12-4439-812F-6DE35F70B159", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "58A8BDE0-2F73-4E0C-B73A-918DB3352067", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "5CC4DC15-3045-4CE3-A7B5-4E6ED35BF51F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "625BE6B1-12A7-4A8A-A816-E82C026E0457", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "4EAC2920-462B-44F0-8E93-7875C2F74592", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u3\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "35957A41-D8F2-4BC1-986B-C3E271327D64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "10BFAE68-01C5-4EF8-8B86-F470092E9034", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "6D02FC11-EB21-45CD-A070-89C4862240BC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8C67AE59-380A-402B-9B2A-F595E001637B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "4301927C-7A6D-4DA9-9470-9182E7FB234A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C71ED401-6786-4AAE-A98F-BE4732256A7D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "E2B5EC76-A4A7-41C0-9F37-5EC85FD1EB5C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "66BC7FC9-1167-41C5-9B0E-7D68400F3C39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u5\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "A6EB46CC-2939-4326-8CB9-504D7C7EF05E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6:*:*:*:*:*:*:*", matchCriteriaId: "0CDB1D59-C964-4D30-B55E-08E68562300C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(0.46\\):*:*:*:*:*:*:*", matchCriteriaId: "62C7EA58-2F17-41B2-8955-CADE8B7D2FED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8845147E-D3B1-41B9-BBD2-77B2823F3AD0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "8F7B2F23-F532-40D2-884E-D86785B33296", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1FC4F349-9E1C-4DD8-BC07-6CB67053BCDF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "D498C133-AA11-49C4-B065-F27CE776D318", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "08032AAC-F094-4717-A56F-89289FBD1F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "C5ADD4D3-206C-4609-AB2A-F6945D56627B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "07645F73-AC79-4BB8-A98E-1740F7D6EC5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "9DC56869-4665-49D1-89F2-8ED97727BD94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "147D1A4A-6404-47E3-B1A6-4C001C8DD9E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "1162691A-6C92-448A-8F1B-2DEFB623F1ED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5b\\):*:*:*:*:*:*:*", matchCriteriaId: "57524BA3-CF08-4F0F-95C9-F1417B4B83E0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(5c\\):*:*:*:*:*:*:*", matchCriteriaId: "D0E214C2-24CF-43EC-BC27-2E6AA77254DF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "EB0D74A0-C4B2-46EC-A9FF-562A997E3150", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "817A45B4-7C79-4D1A-B889-18A937CF8361", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "155F3CB7-A85B-4897-A4E2-F485FDF44AD4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "9D34CAB5-0832-45B1-B13F-49B763AFB74F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "7C0DB182-F37A-4230-BD6F-461C3195FAF4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0\\(2\\)u6\\(10a\\):*:*:*:*:*:*:*", matchCriteriaId: "065A0E6C-E0BD-4BD1-97EB-723EC4BDFA60", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "2FDE8EF9-47CF-451D-9570-3D369D74D44F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "55A760CE-5E63-4A6B-8DA3-A473BC3900E3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "0C857C0F-B023-4CF7-9916-6735C40425F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(3n\\):*:*:*:*:*:*:*", matchCriteriaId: "DD503699-A02E-4A62-827F-0906C94448EF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "D4C558C0-ECA4-408D-A5DF-2A175E48EAE2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "C4947F0C-B1F5-4BA0-A6F0-F08C25554E68", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "0E738E86-B75F-48BF-9E76-C7DD470F3688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6a\\):*:*:*:*:*:*:*", matchCriteriaId: "11E66F3E-9482-4F30-8480-F036F3C68B61", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(6b\\):*:*:*:*:*:*:*", matchCriteriaId: "68C6090F-0B05-46F0-8A67-928FE1C36D5F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "07863B2B-D780-4641-BADE-A5AFFAD95E57", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "FBD345BD-83EF-4913-A0F3-74E52AD76BBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "46B2B97B-DDB7-4208-BF1A-D10C8A075A14", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "317C8BE8-84DA-43D5-AE93-7E7DCDE6883E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(10\\):*:*:*:*:*:*:*", matchCriteriaId: "ED7B1216-4C4F-4A23-9474-23876649ABF3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(11b\\):*:*:*:*:*:*:*", matchCriteriaId: "CF349FDA-DFEC-45AA-A236-F0C8D0B3AD83", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(12\\):*:*:*:*:*:*:*", matchCriteriaId: "57892CBB-8C95-4E56-90F8-B77BBBDC03FB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14\\):*:*:*:*:*:*:*", matchCriteriaId: "A555382D-9D35-4931-B3B0-DD4D956AB7AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14a\\):*:*:*:*:*:*:*", matchCriteriaId: "65CCE422-71DB-4500-AC91-9FB4DD5924A2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(14b\\):*:*:*:*:*:*:*", matchCriteriaId: "C37B944B-CFB6-41F6-B4ED-049BEB3732E7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(16\\):*:*:*:*:*:*:*", matchCriteriaId: "985752BE-AC65-47BC-97F5-36C2E44E55D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(18\\):*:*:*:*:*:*:*", matchCriteriaId: "BEC60C3C-8689-47EC-B944-F0FB9D38E4F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20\\):*:*:*:*:*:*:*", matchCriteriaId: "C6A61F7E-9929-48F5-85BA-72E744AF30B2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(20a\\):*:*:*:*:*:*:*", matchCriteriaId: "DA24A851-F051-41A8-A33E-7296AD199306", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(22\\):*:*:*:*:*:*:*", matchCriteriaId: "52E6911E-3DD8-4FCC-A1B5-613098B25337", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(24\\):*:*:*:*:*:*:*", matchCriteriaId: "FEA235F0-95C4-471A-BBD6-EDB723E6E7CE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(25\\):*:*:*:*:*:*:*", matchCriteriaId: "0B86774A-900E-4A02-B671-C13C18965358", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.2\\(27\\):*:*:*:*:*:*:*", matchCriteriaId: "D23ADF50-748F-4795-B564-6D934B95F8D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FD613D8F-099C-43A1-BD29-A98250E1334A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "576B74DF-9527-4931-B1A3-8FEE1DB1AD99", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AA5B4FA9-E550-4C69-A4E7-A989BBCCF22E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f1:*:*:*:*:*:*:*", matchCriteriaId: "26AAAA6C-70FB-4562-AE8B-1BCB9A0DDA49", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f2:*:*:*:*:*:*:*", matchCriteriaId: "B4243B6B-7DC5-46D9-A918-5D2BD74561F1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3:*:*:*:*:*:*:*", matchCriteriaId: "1BFF2221-DCA4-4217-8199-76EFC43DD639", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D5DD2941-AD1E-4C13-8DAA-C5524B96AAB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "45A37F82-44B3-426C-A344-9054599BB426", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "907A3DEC-27F8-4D0A-9EE4-4681B6D9BADB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "53378B5F-4A5B-425D-B8BE-455FAF924551", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "F2CB77FE-97B4-439F-BED0-59688252E87D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(3c\\):*:*:*:*:*:*:*", matchCriteriaId: "A8F6C744-6501-4FAD-AF4F-12D3EA8F5BE4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "076216C6-C115-4C7C-A9E3-46A3986DA2AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)f3\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "A819AE96-3933-4AD2-AF30-36E199393E01", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7C8C0FF6-E9E5-4191-8C21-E8CB3F6BF7D7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D2BA7EF9-FDA1-4A2D-88B2-67042367C90C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A2FBF6CB-DE31-453D-BF47-89D0766D3020", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "046E260B-F842-41BA-914B-ACD7B71AB62F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "AAF537FC-B681-4F52-9324-9A4AC29651AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2c\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B2E736-F9D2-453A-9998-38800CC875F4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2d\\):*:*:*:*:*:*:*", matchCriteriaId: "3E8CEAC9-1C53-46A6-A18A-2A970D587C0F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2e\\):*:*:*:*:*:*:*", matchCriteriaId: "851E1B4E-40C4-4639-8FC6-C9DEC6FB2744", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2r\\):*:*:*:*:*:*:*", matchCriteriaId: "2C24518B-D2D5-471A-BB19-B839792607D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "8D93FA53-ADC0-4031-B693-84111E1EEDC2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "2B3E4490-6DD8-44BE-A681-105F526AE6E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2w\\):*:*:*:*:*:*:*", matchCriteriaId: "E02F54C2-C551-4FC4-A6FF-737CFD465D37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2x\\):*:*:*:*:*:*:*", matchCriteriaId: "77C98C47-688B-404B-A6CD-96AD5C0FD7F6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(2y\\):*:*:*:*:*:*:*", matchCriteriaId: "3D20DDF8-145B-443D-8D92-404F574929F0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DBAC49A1-91FC-4D55-BD74-42C918CCFDC9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4142F873-0492-4ACC-88F9-3A243128D0EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(1t\\):*:*:*:*:*:*:*", matchCriteriaId: "CAEFC7FE-718E-4544-A86B-3243C2C14EDC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "A9CD31FC-C2D0-4B29-90D5-7C3CB218DF9A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "30A500F4-1899-4F96-98E3-9330146A7963", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "FE52C974-3930-4AC9-907B-8E6B325D6A1E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "FAD07DE9-5C98-4A63-A741-8E69E9F125D2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "F0DA113F-3706-4FF3-88F9-5D3CD48F8CE5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(6t\\):*:*:*:*:*:*:*", matchCriteriaId: "5D1D8118-6E39-44B5-ABD7-B7ED3A80766D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "6A35B6DA-BF07-4579-8D6A-65CD8E052482", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8a\\):*:*:*:*:*:*:*", matchCriteriaId: "EF0B3DB8-8121-4FDC-8A11-42AB619101EC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8b\\):*:*:*:*:*:*:*", matchCriteriaId: "70830AB5-C86B-4726-A982-6F104910153E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(8z\\):*:*:*:*:*:*:*", matchCriteriaId: "87EB3AE2-8A92-4B16-8A22-A0F5B55D12E4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(9\\):*:*:*:*:*:*:*", matchCriteriaId: "E0904B27-2FA3-4B8D-9706-98B0376B5FC8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5:*:*:*:*:*:*:*", matchCriteriaId: "D9B7B5DE-1177-466F-B6AD-9641EAC0E113", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B1D86994-83EE-4D09-B79A-70CB22C077C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1BEB5BAE-0BB6-4201-9229-47DE631AAF3A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "654694A7-394C-4843-9197-91FC00445E40", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "1798EAC2-026C-4757-860F-D7417A2BA881", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i5\\(3b\\):*:*:*:*:*:*:*", matchCriteriaId: "FD83DA54-DF65-4837-90AD-837F75412E69", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "00953B63-7DBB-4A67-B41D-321C2ECDE79A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i6\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "83B2E7F6-9641-4B55-8B7D-6B0E020DD4A9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7:*:*:*:*:*:*:*", matchCriteriaId: "5DEBF467-C2E2-4ED9-8E8A-02E062E734D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "80B54786-DA2A-4E2D-9835-6A7939931928", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "7688EC58-4647-4A08-9E86-A71EA7C41B88", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(3z\\):*:*:*:*:*:*:*", matchCriteriaId: "6E7DA901-990A-4388-9B72-943E77269B4E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "D5AD2254-158D-4BEE-B36C-242813F4BA37", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "4480D800-595F-44CB-85ED-7E17A34A5BEF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(5a\\):*:*:*:*:*:*:*", matchCriteriaId: "BF7AB4C3-54E0-4445-974C-4AE337B7B7DA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6\\):*:*:*:*:*:*:*", matchCriteriaId: "AD015889-3893-4781-B18D-6125A9B6CE39", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(6z\\):*:*:*:*:*:*:*", matchCriteriaId: "4E355839-76C1-4D48-9892-53EEADD2B629", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "89541F84-0C10-4757-8D25-80FC4464EC23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(8\\):*:*:*:*:*:*:*", matchCriteriaId: "371AEAF3-39CA-4837-BA5A-D80826933C9B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C474B035-BFDC-4617-9285-D10C970342A6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ia7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "D9D9DD45-8C38-4753-9168-0E5BF96146DB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)ic4\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "259F3DCA-D218-4CF1-9CB4-23ECB070719F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C55F18EF-F751-400F-88DD-76ADD2B60BE7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "AE1D0444-6A5E-4252-B761-28FEFAEE8BAF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "578691EB-19D3-4B75-9783-B6D4F0FE1CEA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(2b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C89EAEB-1944-4082-B1AF-CEAC39BE762A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "DD8BA29C-7F6E-492A-8EB1-A2D6391C5120", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)im7\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "32EB01A2-9A00-4EFF-80F0-D192C79B1489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "63949081-E2F3-4EB4-BABC-270AAB19EE78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "58292522-F486-410D-AD99-DFD6EC0AA9B1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A462729A-720F-4180-96DD-713A70CEF494", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "BEB59A4B-3FCA-47F9-A4DB-D2B8ABAFB54D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(5\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "A07ACF87-C694-41DB-B4BD-23CE72E32EED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C83C312B-0B0E-4A02-A9EE-F864EFBE60CB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(2s\\):*:*:*:*:*:*:*", matchCriteriaId: "832DE1DB-0D1C-4C24-8E2D-D182205C94B0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(3s\\):*:*:*:*:*:*:*", matchCriteriaId: "BD36EDD5-4408-4BD0-A75A-AFFD5BF44D38", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(6\\)n1\\(4s\\):*:*:*:*:*:*:*", matchCriteriaId: "D0FBFB9B-703D-42F8-93BA-969AB7284106", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E47E0A4D-4033-43A8-9A50-E1A2BD7B419C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "4C95519E-7536-4EF7-8222-D4089500F826", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "71F56568-57E6-4C1C-AC8A-D96E097E449E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "F631EAC6-1D33-485E-9E00-8572FA015C26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(8\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "25CEAE9E-DD9B-41E2-BC39-3332F428B489", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DE199525-4C2D-48C2-A76C-BD14BF2851F9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "E3644F66-F964-4D50-A6E0-EE8784490BD2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "72AD166D-7CBF-4A4D-A376-907DDA1BB504", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "FC9BC24B-BEB3-4D55-93C8-8334B8BC0BC0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A20D72B-E2C6-47B6-A54D-FA435F29D7F2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(1\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6C801D4A-E604-49CA-8D14-13622E85C563", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "77D9EEFA-D652-45D2-8AF5-8A72825E7ED0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(2\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "EC78BEB7-47D1-4544-BC40-AB5D73B93D78", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "1AEB91EC-E548-4C53-920F-C4871BC464B8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "0282F963-2C1F-44F7-A0D0-4929685051AA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "A1F519D0-64BC-4862-8894-4F6C248253C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "94A247A8-E918-4757-9ADE-251B027CD307", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "195CD630-4949-4B52-B9FF-94F3DEFB47AD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(3\\)n1\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "225E5070-B635-4752-B771-0E721C96C2AE", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9103A92E-C9F3-401B-AE30-66466210ADED", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9E5CD729-234E-43C0-A6A3-A3E0983A6605", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "4A30E576-56F8-4EBA-AADE-C70655DE6E79", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(4\\)n1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "74415A0A-A3F4-43BB-B609-B6641771D655", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "B5ED7424-EB12-4C21-97C8-082156716C9C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.1\\(5\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "16359104-2DB6-41D6-97A8-8CA1C3AB5688", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "6BF973CD-3315-4D86-8F89-05DC97C736AB", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "E485E99D-F421-487D-86E7-A2D119623D47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)d\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2622260B-F77B-4510-9B9D-078B994BBE64", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "94AA886F-7BD1-4699-B1D3-E495EFCA2812", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2768DEF1-3DFA-4683-9D8D-C5915D8E7365", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3CD05045-E867-4B7E-ACE4-7B6EA69971AF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "FF9B10D1-29C0-4B16-813A-B535C4C64E47", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2\\(2\\)d1\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "84551391-3A13-42EC-855F-FBB3453F65D4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "7FD733DD-EC40-48EC-A8A6-AE09657EEFC1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)dx\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "18CE33FF-6C81-4B38-8C47-6DEBD4D4223C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "569B3CE7-CA06-4636-8043-7ED7635195A3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "41A683FE-68AF-43E4-B846-2E82ACDD5E4C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "2C8B149C-D842-496A-BE21-41920F95139C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "4A7B0A8C-ED8F-411C-843F-B801CBBBB6C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(1\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "8D72F0B8-D229-4995-A053-62FA6591DCBA", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "FADC755B-3AB3-43D6-8495-1FABCBD548E9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(1d\\):*:*:*:*:*:*:*", matchCriteriaId: "42D84BD8-D76B-422E-9E46-4A667A981FAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "03607526-7F9E-43F5-94ED-3ED0B4D29DF5", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "8890C4B8-2E5C-46D6-80DE-6B5256FA1CAD", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)d1\\(3a\\):*:*:*:*:*:*:*", matchCriteriaId: "2F8A3FFE-D017-43F7-B481-AF25B8B2BE6F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "D8025943-EA09-47E6-9109-7DAF078F8F26", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "1A727000-44CC-461C-A7D6-0B9A99CB974A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(1c\\):*:*:*:*:*:*:*", matchCriteriaId: "105B6601-D756-4B76-9554-5B6E027A5E8E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "98FC292D-27D3-40CF-98C5-AF47686FC134", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0EE35B51-2D13-4A8B-BFF5-0596DBDCD261", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "0C23B353-3500-4FA4-90CE-624A29B1048F", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "69FE85C9-A0AC-4FD4-A6EE-F0868B69503B", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(4\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "9B1340D1-8EE8-484F-979A-AB9E34D35EB3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)d1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "29002523-6405-4198-A5E5-630A4B661767", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(5\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AF1257BF-D534-4899-937F-DCBD033A7D94", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "86E5CF27-5661-41DF-B339-740718760AC6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(6\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "6AE0D110-D8D7-4D50-A599-618A5120EDD7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9ACD2D0D-7A38-4FCD-9E24-5588BACF8DA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "586E9024-C983-4CFF-9A3F-A39256E09910", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(7\\)n1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "B2B7951C-8376-49C3-BF50-E6B65909A739", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "AB556839-151C-492E-B4C3-C024276D5AB1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "3A8D89C0-8C65-487B-9F2D-FFE31AE5BBCC", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(1b\\):*:*:*:*:*:*:*", matchCriteriaId: "409A92B8-F9A5-401E-B77F-177C48B22F23", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "298709C4-69BF-48BA-A317-4251B5461A0D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(2a\\):*:*:*:*:*:*:*", matchCriteriaId: "0EF15089-A16E-47CC-AB52-78AB85F681BF", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "3FB0B238-4F3A-4569-89B0-ED80533D87C4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "CF90B861-F48B-45DF-ACB8-F91030106181", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "CAB301FC-988F-4FC3-A097-E926E541F098", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(4\\):*:*:*:*:*:*:*", matchCriteriaId: "6CFA19E0-0121-4422-83AF-94039520A0F8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(5\\):*:*:*:*:*:*:*", matchCriteriaId: "03201B37-841C-432F-8643-352833381373", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "A6B8E31F-6B33-43E0-9585-5736D54FE876", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "3C828C0E-99E6-4DEF-9EB3-672DEB61F479", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "2636B1F1-8C40-44A4-B96B-C84EC244685E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.4\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "D0A868C7-1060-4A48-819E-013F435F08D1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "DD96C7AE-EECC-43F4-9132-1E7F8047C701", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "1D43B9D6-0991-4370-9369-C0A1EDBF6627", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2t\\):*:*:*:*:*:*:*", matchCriteriaId: "6EB58108-78E4-4208-A549-C86B37422828", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(2v\\):*:*:*:*:*:*:*", matchCriteriaId: "46427F06-FAB1-4AB8-A6BF-3EE10608B4D9", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "5FB6ADC7-97AC-4DD8-8F1B-448A63D8BE97", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.2\\(3y\\):*:*:*:*:*:*:*", matchCriteriaId: "AA0623C0-E021-4DA0-926A-4466DDBC0BA6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9A589031-946F-4016-AFC9-92FB033420D0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(1z\\):*:*:*:*:*:*:*", matchCriteriaId: "F62AE0F2-812F-450E-BE9D-01A3AD15028E", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(2\\):*:*:*:*:*:*:*", matchCriteriaId: "20FF2A5A-CB80-4F58-856D-724AACB0864C", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(3\\):*:*:*:*:*:*:*", matchCriteriaId: "9FF50BFC-2DB3-4954-BC59-8B3D27D418E0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B4F21A73-278B-4CEC-A887-E4FB53C6AA94", versionEndExcluding: "3.2\\(3o\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EB2E352F-4A19-4612-970B-12978D869A09", versionEndExcluding: "4.1\\(1c\\)", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated attacker to cause process crashes, which could result in a denial of service (DoS) condition on an affected device. The attack vector is configuration dependent and could be remote or adjacent. For more information about the attack vector, see the Details section of this advisory. The vulnerability is due to insufficient error handling when the affected software parses Cisco Fabric Services messages. An attacker could exploit this vulnerability by sending malicious Cisco Fabric Services messages to an affected device. A successful exploit could allow the attacker to cause a reload of an affected device, which could result in a DoS condition.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services de Cisco FXOS Software y Cisco NX-OS Software, podría permitir a un atacante no autenticado causar bloqueos en el proceso, lo que podría resultar en una condición de denegación de servicio (DoS) en un dispositivo afectado. El vector de ataque es dependiente de la configuración y podría ser remoto o adyacente. Para obtener más información sobre el vector de ataque, consulte la sección Detalles de este aviso. La vulnerabilidad es debido a un manejo insuficiente de errores cuando el software afectado analiza los mensajes de Cisco Fabric Services. Un atacante podría explotar esta vulnerabilidad mediante el envío de mensajes maliciosos de Cisco Fabric Services hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una recarga de un dispositivo afectado, lo que podría resultar en una condición DoS", }, ], id: "CVE-2020-3517", lastModified: "2024-11-21T05:31:14.100", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.550", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-nxos-cfs-dos-dAmnymbd", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108383 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108383 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "86770ECC-BC1D-42BC-A65B-FCE598491BEE", versionEndExcluding: "8.1\\(1b\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "27A4ABA8-4A7F-4517-A969-76DAE589D194", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "458C07FB-06EE-4081-8B4C-D16962FF9035", versionEndExcluding: "7.0\\(3\\)i4\\(8\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4692FD8-8B7E-4418-A6E2-51A34117FFCD", versionEndExcluding: "7.3\\(3\\)i7\\(3\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5E88418C-0BC4-4D90-A14D-0B89F8399AA5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB93AD1-B5DD-4A69-B1A3-3F163BD2D8BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:*", matchCriteriaId: "19F88FB2-1A75-4166-A4F5-039D67EAA1D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:*", matchCriteriaId: "A01B0559-5632-4658-AA3A-221DD28D963F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:*", matchCriteriaId: "082A5A44-DC9A-4B48-8F28-1D0EC7F82410", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:*", matchCriteriaId: "19BCB669-5CC8-4C67-B34C-3F5ADDD4C232", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:*", matchCriteriaId: "D5E693D2-F1D5-4D22-885B-AE853221ABA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:*", matchCriteriaId: "C63F63AD-94EC-4A6D-92AF-7FBF6275746A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:*", matchCriteriaId: "490EAB88-A0F3-4A88-9A81-B414CE78B34B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "04A26215-DEB3-4337-AFE0-5E23C760060D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "6B8F7177-147E-47C0-ADFB-4CD0768D52CD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "06A72F9F-773A-463D-8BEB-6B316DF21CFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "8FC94E7D-84AF-4D2A-85A7-264CED2D107B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "BC0082AD-1EFB-4AFE-9974-EAAB926553F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4BFAAE41-AD17-4F69-9029-8DD90D824E6F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9504-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "91595E9E-BF7A-4438-9D25-05AB29DD16ED", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "4818B000-7022-445A-8B0F-6B2E937AAEA3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "BEE867E4-9EE8-4A06-A51B-627C228EF0A2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "7A9CE53D-E8B7-46CD-9B8B-C746A2524BA8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "C6782DA1-5568-410D-86E6-2C2B909693DD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "1734D373-CA79-447E-96A7-EDA4D3F9C924", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x96136yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "2163BE9A-89E8-4585-9AD5-A1C764533F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "569B5384-B93C-4FEF-88E7-3155ACE94F4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636c-rx:-:*:*:*:*:*:*:*", matchCriteriaId: "3E7646FC-74C9-4188-9FDB-2C91D8D559D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "90F30A43-9E4F-4A03-8060-A38B0925DBD2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with valid administrator credentials to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podría permitir a un atacante local autenticado ejecutar comandos arbitrarios sobre el sistema operativo Linux subyacente con el nivel de privilegio de raíz. La vulnerabilidad es debido a una insuficiente validación de los argumentos pasados ??a un comando CLI específico en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1790", lastModified: "2024-11-21T04:37:23.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.650", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108383", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108383", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1790", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108369 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108369 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nexus_5548p | - | |
| cisco | nexus_5548up | - | |
| cisco | nexus_5596t | - | |
| cisco | nexus_5596up | - | |
| cisco | nexus_56128p | - | |
| cisco | nexus_5624q | - | |
| cisco | nexus_5648q | - | |
| cisco | nexus_5672up | - | |
| cisco | nexus_5696q | - | |
| cisco | nexus_6001 | - | |
| cisco | nexus_6004 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | 7000 | - | |
| cisco | 7700 | - | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D5CF3A40-A695-4722-A557-8A2C1AD831B6", versionEndExcluding: "7.3\\(5\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000:-:*:*:*:*:*:*:*", matchCriteriaId: "2C04552B-198C-43AA-A2F6-1E13D6950D55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700:-:*:*:*:*:*:*:*", matchCriteriaId: "AD2E5A31-F61D-48A7-9F7E-E4EB426C63B2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with elevated privileges. An attacker would need valid administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del programa NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con el nivel de privilegio de raíz. La vulnerabilidad es debido a una insuficiente validación de los argumentos pasados ??a un comando CLI específico en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante realizar comandos arbitrarios sobre el sistema operativo Linux subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador válidas para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1784", lastModified: "2024-11-21T04:37:22.350", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.587", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108369", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108369", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmd-inject-1784", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-23 20:15
Modified
2024-11-21 07:40
Severity ?
6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6536_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "834E1736-9E8D-476A-ADA9-EB81BEB8DC6C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6536:-:*:*:*:*:*:*:*", matchCriteriaId: "0C36A364-DBC0-44DA-9DB0-6CC8E9D074BF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_64108_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9CF884E9-68AA-44F7-A551-F7D7DF2378DB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6454_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "085034AF-4825-4E06-BCBD-6F0D80959A26", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6200_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2BD99394-5B1B-49FB-9085-3D92E4DBF1A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6248up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0AE37430-9711-443E-BF69-CAAEDD2A0E45", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6296up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9E325ADE-5098-4C1B-82FB-CB04DDB68A2A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "192B4BF0-A6E4-4241-8E30-48CAE65203F1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6324_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "63D87F40-279D-46BD-9A1E-B980E9DDD24D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "148B3732-6F6C-4865-8FCC-A215883BEEC9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_central_software:*:*:*:*:*:*:*:*", matchCriteriaId: "BD20288C-BDEE-45D4-A0AF-A68ABB3A8E15", versionEndExcluding: "4.2\\(3c\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ucs_6332-16up_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "027A27D8-DD06-420A-BCDC-553641F5CC83", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "FC22C69D-7B86-4ED8-87AA-D259D026CA6B", versionEndExcluding: "2.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup configuration feature. A successful exploit could allow the attacker to decrypt sensitive information that is stored in full state and configuration backup files, such as local user credentials, authentication server passwords, Simple Network Management Protocol (SNMP) community names, and other credentials.", }, ], id: "CVE-2023-20016", lastModified: "2024-11-21T07:40:20.983", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-23T20:15:13.407", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-321", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-330", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device. The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow that could allow the attacker to execute arbitrary code as root or cause a DoS condition on the affected device. This vulnerability affects the following if configured to use Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Discovery Protocol del software FXOS y Cisco NX-OS podría permitir que un atacante adyacente no autenticado ejecute código arbitrario como root o cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a las cabeceras de paquete Cisco Discovery Protocol insuficientemente validadas. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Discovery Protocol a un dispositivo afectado adyacente en la capa 2. Su explotación con éxito podría permitir que el atacante provoque un desbordamiento de búfer que le permitiría ejecutar código arbitrario como root o provocar una condición de denegación de servicio (DoS) en el dispositivo afectado. Esta vulnerabilidad afecta a los siguientes productos si están configurados para emplear Cisco Discovery Protocol: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches en modo Application Centric Infrastructure (ACI), Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc22202, CSCvc22205, CSCvc22208, CSCvc88078, CSCvc88150, CSCvc88159, CSCvc88162, CSCvc88167.", }, ], id: "CVE-2018-0303", lastModified: "2024-11-21T03:37:56.127", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.413", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-fxnxos-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3B77DE7C-8F8A-4474-BA11-401B6A07C18E", versionEndExcluding: "7.1\\(5\\)n1\\(1\\)", versionStartIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4F5FF890-017A-4F2B-9253-8149FA484066", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:6.0:*:*:*:*:*:*:*", matchCriteriaId: "991285C8-2BD5-4C84-8DA0-4C500B519267", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0:*:*:*:*:*:*:*", matchCriteriaId: "02DD5791-E4D3-475C-84B0-E642ACFC5EB6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.2:*:*:*:*:*:*:*", matchCriteriaId: "5EE85C54-276F-462E-808A-23D3E54D31BD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "627E5170-669E-41CB-BEA7-9DA6C6C4FF44", versionEndExcluding: "6.2\\(20\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "20B60929-1E25-49F2-9C11-7A613E6CE1E7", versionEndExcluding: "7.2\\(2\\)d1\\(3\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9223B362-B27F-49FF-AFB2-8F39C43C4510", versionEndExcluding: "7.3\\(2\\)d1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C06BC203-6A1D-4427-B368-46CDE4110F2E", versionEndExcluding: "8.1\\(2\\)", versionStartIncluding: "8.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "18F3A094-63D1-45B8-B0D2-D84BAD19BB8A", versionEndExcluding: "8.2\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.0:*:*:*:*:*:*:*", matchCriteriaId: "2B36B056-C068-4413-B648-1D1D6026B823", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "93C9AFED-1347-4B0E-B031-AF5EA891B9BD", versionEndExcluding: "7.0\\(3\\)i3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "15C899EF-A64F-4FD8-851C-1D4E2929BAF4", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5219768E-0988-4F66-8D53-23EAD5819F35", versionEndExcluding: "7.0\\(3\\)i7\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D75479AD-9847-497C-9438-AA82D91B6F71", versionEndExcluding: "7.3\\(3\\)n1\\(1\\)", versionStartIncluding: "6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DEE82469-C112-4BF3-848B-ACDA7000B235", versionEndExcluding: "8.1\\(1a\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1EB1DA63-8A73-4BBC-AD53-469B0559A112", versionEndExcluding: "2.2\\(8g\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFF9D209-A6D9-4502-A1EC-E9FE1457A547", versionEndExcluding: "3.1\\(2f\\)", versionStartIncluding: "2.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2A5AB957-E691-4088-AB25-33AB9C88F73F", versionEndExcluding: "2.0.1.153", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "6B56E81C-0822-4B76-8F24-9A85A5DD84A6", versionEndExcluding: "2.2.2.14", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "86A5F522-BA5D-4CF2-B166-9D84ECF33F4E", versionEndExcluding: "2.0.1.152", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "6B56E81C-0822-4B76-8F24-9A85A5DD84A6", versionEndExcluding: "2.2.2.14", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly validate certain fields within a Cisco Discovery Protocol message prior to processing it. An attacker with the ability to submit a Cisco Discovery Protocol message designed to trigger the issue could cause a DoS condition on an affected device while the device restarts. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000, CSCve41007.", }, { lang: "es", value: "Una vulnerabilidad en el subsistema Cisco Discovery Protocol (anteriormente conocido como CDP) de los dispositivos que ejecutan, o se basan en, Cisco NX-OS Software podría permitir que un atacante adyacente sin autenticar cree una condición de denegación de servicio (DoS). La vulnerabilidad se debe a un error a la hora de validar adecuadamente ciertos campos en un mensaje Cisco Discovery Protocol antes de procesarlo. Un atacante que pueda enviar un mensaje Cisco Discovery Protocol destinado a desencadenar este problema podría provocar una condición de denegación de servicio (DoS) en un dispositivo afectado mientras el dispositivo se reinicia. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvc89242, CSCve40943, CSCve40953, CSCve40965, CSCve40970, CSCve40978, CSCve40992, CSCve41000 y CSCve41007.", }, ], id: "CVE-2018-0331", lastModified: "2024-11-21T03:37:59.720", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.773", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxos-cdp", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios . Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1782", lastModified: "2024-11-21T04:37:22.043", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.463", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ucs_manager | 4.0\(1a\)a | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - | |
| cisco | fxos | 2.4\(1.214\) | |
| cisco | fxos | 2.4\(1.216\) | |
| cisco | firepower_2110 | - | |
| cisco | firepower_2120 | - | |
| cisco | firepower_2130 | - | |
| cisco | firepower_2140 | - | |
| cisco | firepower_4110 | - | |
| cisco | firepower_4115 | - | |
| cisco | firepower_4120 | - | |
| cisco | firepower_4125 | - | |
| cisco | firepower_4140 | - | |
| cisco | firepower_4145 | - | |
| cisco | firepower_4150 | - | |
| cisco | firepower_9300 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:4.0\\(1a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "0BC36B27-C1C7-4B03-8A59-05A3BF0677DE", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:2.4\\(1.214\\):*:*:*:*:*:*:*", matchCriteriaId: "973A8B3A-9CEC-40CE-991D-47197678D8E2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:2.4\\(1.216\\):*:*:*:*:*:*:*", matchCriteriaId: "6FC7C236-1983-459F-AA55-263B294947A0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including crafted arguments to specific commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco FXOS Software y Cisco UCS Manager Software, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada insuficiente. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados a comandos específicos. Una explotación con éxito podría permitir a un atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados son ejecutados con privilegios root.", }, ], id: "CVE-2020-3171", lastModified: "2024-11-21T05:30:28.543", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.250", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-fxos-ucs-cli-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-26 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ucs_manager | * | |
| cisco | ucs_manager | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - | |
| cisco | ucs_64108 | - | |
| cisco | ucs_6454 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EE704FC9-DFEF-48DD-A0D5-919FAF856C6F", versionEndExcluding: "3.2\\(3n\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "230B12CB-250E-4501-B6CF-3B482225309B", versionEndExcluding: "4.0\\(4c\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system (OS) on an affected device. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by including crafted arguments to specific commands on the local management CLI. A successful exploit could allow the attacker to execute arbitrary commands on the underlying OS with the privileges of the currently logged-in user for all affected platforms excluding Cisco UCS 6400 Series Fabric Interconnects. On Cisco UCS 6400 Series Fabric Interconnects, the injected commands are executed with root privileges.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco UCS Manager Software, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo (SO) subyacente sobre un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada insuficiente de los argumentos del comando. Un atacante podría explotar esta vulnerabilidad al incluir argumentos diseñados en comandos específicos sobre la CLI de administración local. Una explotación con éxito podría permitir a un atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario actualmente conectado para todas las plataformas afectadas, excluyendo Cisco UCS 6400 Series Fabric Interconnects. En Cisco UCS 6400 Series Fabric Interconnects, los comandos inyectados se ejecutan con privilegios root.", }, ], id: "CVE-2020-3173", lastModified: "2024-11-21T05:30:28.820", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-26T17:15:13.483", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-ucs-cli-cmdinj", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-27 16:15
Modified
2024-11-21 05:31
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:-:*:*:*:*:*:*:*", matchCriteriaId: "CDB194AF-51E8-4379-B416-34049BF03754", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFE3880-4B85-4E23-9836-70875D5109F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", matchCriteriaId: "727A02E8-40A1-4DFE-A3A2-91D628D3044F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", matchCriteriaId: "19F6546E-28F4-40DC-97D6-E0E023FE939B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", matchCriteriaId: "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*", matchCriteriaId: "DA35D4AA-24B3-428E-84ED-804EF941E9A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000_virtual_edge:-:*:*:*:*:*:*:*", matchCriteriaId: "BF29010C-8712-4464-A233-14CF024AA6DB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*", matchCriteriaId: "7E705638-8D0A-40D6-9A51-4FDB6C03F71E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "00B4CC8B-AA85-43E5-962A-0F0E003D95FF", versionEndExcluding: "4.0\\(4i\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an affected device. A successful exploit could allow the attacker to cause internal system processes to fail to terminate properly, which could result in a buildup of stuck processes and lead to slowness in accessing the UCS Manager CLI and web UI. A sustained attack may result in a restart of internal UCS Manager processes and a temporary loss of access to the UCS Manager CLI and web UI.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de administración local (local-mgmt) de Cisco UCS Manager Software, podría permitir a un atacante local autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a un manejo inapropiado de los parámetros de comando de la CLI. Un atacante podría explotar esta vulnerabilidad mediante la ejecución de comandos específicos en la CLI local-mgmt en un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar que los procesos internos del sistema presenten un fallo para finalizar apropiadamente, lo que podría resultar en una acumulación de procesos atascados y conllevar a una lentitud en el acceso a la CLI de UCS Manager y la Interfaz de Usuario web. Un ataque sostenido puede resultar en un reinicio de los procesos internos de UCS Manager y una pérdida temporal de acceso a la CLI de UCS Manager y la Interfaz de Usuario web", }, ], id: "CVE-2020-3504", lastModified: "2024-11-21T05:31:12.453", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-27T16:15:12.487", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-cli-dos-GQUxCnTe", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-664", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-400", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 20:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E762B981-6AC3-41E2-9FF5-DBA9616EA75C", versionEndExcluding: "6.2\\(25\\)", versionStartIncluding: "5.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "BC0041E4-EBDC-465A-B593-E7C353EF0D8F", versionEndExcluding: "8.3\\(2\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "92B576CF-5EAD-4830-A7B7-ACC434349691", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EA0C7252-4931-47EF-9AFD-0CE05C786613", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "A67D92F3-7EE1-4CFD-9608-4E35994C1BC4", versionEndExcluding: "6.2\\(22\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CFC2CF14-BF68-49FD-AFDE-886FD1A51520", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "C4F8E70D-012F-4465-AC5B-D31563BE219A", versionEndExcluding: "2.2.2.91", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C2C8263-BA5C-41D0-ABD9-42925B94BF84", versionEndExcluding: "2.3.1.130", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "564D0A43-37E4-477A-8ADD-5D2FC8092142", versionEndExcluding: "2.4.1.222", versionStartIncluding: "2.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3DFCC3C2-3483-4BD0-AF71-23574D0849B1", versionEndExcluding: "7.0\\(3\\)i4\\(9\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "EF06D835-FBE6-4866-B410-C2F66AEF68CD", versionEndExcluding: "7.0\\(3\\)i7\\(4\\)", versionStartIncluding: "7.0\\(3\\)i7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7CA67BFA-71AF-4071-AD0D-CBD05E2D59CB", versionEndExcluding: "4.0\\(1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need administrator credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI de los programas FXOS y NX-OS de Cisco podría permitir a un atacante local autenticado realizar comandos arbitrarios sobre el sistema operativo subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de los argumentos pasados ??a ciertos comandos de la CLI. Un atacante podría aprovechar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Un aprovechamiento exitoso podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con elevados privilegios. Un atacante necesitaría credenciales de administrador para aprovechar esta vulnerabilidad.", }, ], id: "CVE-2019-1781", lastModified: "2024-11-21T04:37:21.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T20:29:01.400", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-fxos-nxos-cmdinj-1781-1782", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 19:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108365 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D14AF388-8D72-45DF-A268-4ACE8472F65C", versionEndExcluding: "8.3\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "DC8A47D2-CF7D-4306-A78E-B4423575C6A9", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "81FEA96D-5A66-415A-B46C-F25DC3E4E5EE", versionEndExcluding: "6.0\\(2\\)a8\\(11\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1F404A62-E7A6-4C2E-884C-2D7E4E58A6C7", versionEndExcluding: "7.0\\(3\\)i7\\(6\\)", versionStartIncluding: "7.0\\(3\\)i4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "9588B23A-8C0E-4734-AFF6-254F8A2C8AA1", versionEndExcluding: "7.3\\(4\\)n1\\(1\\)", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E30AB8D6-3F3F-43A3-B7E9-ABD5D3052FA8", versionEndExcluding: "6.2\\(22\\)", versionStartIncluding: "6.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "02E6779A-5759-4A83-B884-1B47FC124A22", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68D9CBC8-EB36-4EA5-B2F8-555137C8A86C", versionEndExcluding: "4.0\\(2a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "10CB3B6F-3CEE-4992-85F4-C448A20D7EA8", versionEndIncluding: "5.2\\(1\\)sv5\\(1.1\\)", versionStartIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:*:*:*", matchCriteriaId: "882D7344-E38B-4F44-8CDE-1CCA827F28BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E", versionEndIncluding: "5.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*", matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "59B48D7E-BD70-4971-B508-1DAD4841C5CE", versionEndExcluding: "5.2\\(1\\)sv3\\(4.1a\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "96BFEE5D-EF9F-4C21-BC51-FBA71029A6A7", versionEndExcluding: "7.0\\(3\\)f3\\(5\\)", versionStartIncluding: "7.0\\(3\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with elevated privileges. An attacker would need valid user credentials to exploit this vulnerability.", }, { lang: "es", value: "Una vulnerabilidad en la CLI del software NX-OS de Cisco, podría permitir a un atacante local autorizado ejecutar comandos arbitrarios con privilegios elevados en el sistema operativo subyacente de un dispositivo afectado. La vulnerabilidad es debido a una comprobación insuficiente de los argumentos pasados a ciertos comandos de la CLI. Un atacante podría explotar esta vulnerabilidad al incluir una entrada maliciosa como el argumento de un comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios elevados. Un atacante requiere credenciales de usuario válidas para explotar esta vulnerabilidad.", }, ], id: "CVE-2019-1735", lastModified: "2024-11-21T04:37:12.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T19:29:00.633", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108365", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-cmdinj-1735", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-11 21:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107317 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6 | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:application_policy_infrastructure_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "980B41C7-4122-4D8B-9AAB-2D7BBBC5A7B3", versionEndExcluding: "4.2\\(0.21c\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", matchCriteriaId: "52D96810-5F79-4A83-B8CA-D015790FCF72", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", matchCriteriaId: "16FE2945-4975-4003-AE48-7E134E167A7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", matchCriteriaId: "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", matchCriteriaId: "976901BF-C52C-4F81-956A-711AF8A60140", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control mechanisms for IPv6 link-local connectivity imposed on the management interface of an affected device. An attacker on the same physical network could exploit this vulnerability by attempting to connect to the IPv6 link-local address on the affected device. A successful exploit could allow the attacker to bypass default access control restrictions on an affected device. Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c) are affected.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de gestión del software de Cisco Application Policy Infrastructure Controller (APIC) podría permitir a un atacante adyacente sin autenticar obtener acceso no autorizado a un dispositivo afectado. La vulnerabilidad se debe a una falta de mecanismos de control de acceso adecuados para la conectividad IPv6 (link-local) que se impone en la interfaz de gestión de un dispositivo afectado. Un atacante en la misma red física podría explotar esta vulnerabilidad intentando conectarse a la dirección IPv6 (link local) en el dispositivo afectado. Un exploit exitoso podría permitir al atacante omitir las restricciones de control de acceso en un dispositivo afectado. Los dispositivos de Cisco Application Policy Controller (APIC) en versiones anteriores a 4.2(0.21c) se ven afectados.", }, ], id: "CVE-2019-1690", lastModified: "2024-11-21T04:37:06.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:A/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-11T21:29:01.090", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-apic-ipv6", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-21 11:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.0\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "9C83E090-7C99-465A-A477-C2949B137720", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i4\\(7\\):*:*:*:*:*:*:*", matchCriteriaId: "B3BBE1B1-062A-4D00-B646-FAB4BA85BF6A", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i7\\(1\\):*:*:*:*:*:*:*", matchCriteriaId: "C9388C2C-75F4-487F-A7D8-4E17FD39A166", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_2148t:-:*:*:*:*:*:*:*", matchCriteriaId: "5A5BBD7E-7638-4725-B01E-37B0056521EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2224tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "0F6A29A1-C498-4F98-81B6-F920AB038507", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232pp_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "37A0F8DD-8150-45EB-8C0E-636C11C258A4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm-e_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "1E8DC1FE-89A4-4E8D-917C-A888F2475FDC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2232tm_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "F8717918-2908-470C-BD41-6B466AF539F6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248pq_10ge:-:*:*:*:*:*:*:*", matchCriteriaId: "572DBF51-E334-444B-B548-2539740E1D0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7E8D3949-D212-4212-A651-07A631964448", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_2248tp_ge:-:*:*:*:*:*:*:*", matchCriteriaId: "2291E9C8-3816-49E6-843E-292686F5B6CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.357\\):*:*:*:*:*:*:*", matchCriteriaId: "EE7BCA11-7B09-43A3-A589-59D48402F564", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.1\\(0.2\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "94E4AB94-0FC0-4E6B-AAE6-EF37C0ABB548", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(0.1\\):*:*:*:*:*:*:*", matchCriteriaId: "8ABD8597-BDD8-4280-9743-63561B11A26A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:3.1\\(3a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "9EAE8F9F-A0D5-4CE1-9DF7-5EFB36A45B5D", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:9.9\\(0.902\\):*:*:*:*:*:*:*", matchCriteriaId: "2A6984CB-EF97-4CDD-B4CF-D460908C69A7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "F5581E60-8144-4630-9545-8DC0B7AD44A1", versionEndExcluding: "1.1.4.179", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA77B46-C30C-4427-9401-6500B6221ACE", versionEndExcluding: "2.0.1.153", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "5712D110-FF7D-4A6A-A592-0245709BC6B3", versionEndExcluding: "2.2.1.70", versionStartIncluding: "2.2.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1C9BF568-45B6-4087-8DB3-B806159AE075", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product. The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overread condition, which could allow the attacker to obtain sensitive information from memory or cause a DoS condition on the affected product. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, { lang: "es", value: "Una vulnerabilidad en el componente Cisco Fabric Services del software FXOS y Cisco NX-OS podría permitir que un atacante remoto no autenticado obtenga información sensible de la memoria o cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no valida suficientemente los valores de las cabeceras de paquetes Cisco Fabric Services. Un atacante podría explotar esta vulnerabilidad enviando un paquete Cisco Fabric Services manipulado a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante provoque una sobrelectura de búfer que le permitiría obtener información sensible de la memoria o provocar una condición de denegación de servicio (DoS) en el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches en modo NX-OS independiente, los módulos Line Cards y Fabric de Nexus 9500 R-Series, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd69957, CSCve02435, CSCve04859, CSCve41536, CSCve41538, CSCve41559.", }, ], id: "CVE-2018-0310", lastModified: "2024-11-21T03:37:57.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-21T11:29:00.617", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nx-os-fabric-dos", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-23 03:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "2A21987E-AE24-4C2C-894A-FFF7CC0CA73B", versionEndExcluding: "2.2.2.148", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "3779F159-04B8-40D7-98D0-B1B68AE02C31", versionEndExcluding: "2.3.1.216", versionStartIncluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F839DB11-1E63-4727-8AB0-ED0B5D6BC38A", versionEndExcluding: "2.4.1.273", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "440AAA0A-FEF8-4E40-95EC-59F37A63091D", versionEndExcluding: "2.6.1.224", versionStartIncluding: "2.6", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "08C690B6-DE7E-417F-883A-3A3AE51F0710", versionEndExcluding: "2.7.1.143", versionStartIncluding: "2.7", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "88F98150-EB80-41BB-9B80-520124E3FD9A", versionEndExcluding: "2.8.1.143", versionStartIncluding: "2.8", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "F2E8B9E7-1023-4A0C-BC8C-C45F956B20BA", versionEndExcluding: "2.9.1.135", versionStartIncluding: "2.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:*", matchCriteriaId: "9E9552E6-0B9B-4B32-BE79-90D4E3887A7B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-24:-:*:*:*:*:*:*:*", matchCriteriaId: "18048A84-BA0F-48EF-AFFB-635FF7F70C66", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-36:-:*:*:*:*:*:*:*", matchCriteriaId: "317DF3DD-C7CD-4CA2-804F-A738E048BEB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-40:-:*:*:*:*:*:*:*", matchCriteriaId: "C13CF29B-9308-452B-B7E0-9E818B5A6C1E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44:-:*:*:*:*:*:*:*", matchCriteriaId: "6DB527C2-855E-4BB9-BCA7-94BE86100D44", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-44_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "E82C1B05-990D-49D2-B80A-C3EDD4082840", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-48:-:*:*:*:*:*:*:*", matchCriteriaId: "421D91C3-8AB3-45E1-9E55-13ED1A4A623E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56:-:*:*:*:*:*:*:*", matchCriteriaId: "2D741945-8B0A-408D-A5FE-D5B38DC6D46A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_sm-56_x_3:-:*:*:*:*:*:*:*", matchCriteriaId: "9308CA67-E949-4338-A890-22B3C4428D70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-24_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F3C6CC11-470A-47A4-AAF5-D5580FB78562", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-36_module:-:*:*:*:*:*:*:*", matchCriteriaId: "AA4A2B35-5106-4F43-835A-7F97D2324373", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_1_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F7F452-9294-4445-A344-1A76B277C45D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300_with_3_sm-44_module:-:*:*:*:*:*:*:*", matchCriteriaId: "3EA604D8-76C0-40B9-8675-02BEEA18E432", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "82542890-87E9-4C92-9B20-7CC668B4E5E1", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "2D8583BD-4586-4AB0-9C7A-BC14385AACE8", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "657840E3-B3E9-4218-A89D-F27D8DC269C6", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "B36972DF-1BEB-48EB-9C79-725AA493F87C", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "08D3FFC7-2C86-4162-B1E8-C9FF39F4465B", versionEndIncluding: "8.4\\(3.115\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9100:-:*:*:*:*:*:*:*", matchCriteriaId: "54C0D908-D7BA-48C3-9963-14A3A32A2662", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9134:-:*:*:*:*:*:*:*", matchCriteriaId: "EDB00911-C0B0-4A4E-A0B9-413EC9D9C25A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9140:-:*:*:*:*:*:*:*", matchCriteriaId: "F762E87A-BF80-4D33-ADDA-84369E068005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148:-:*:*:*:*:*:*:*", matchCriteriaId: "22E6B85A-3988-4EC5-B788-9664772CE64E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "B25B92ED-37C0-4653-9C5E-B4C13C46464C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*", matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*", matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*", matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "2374E02D-46FE-477F-A74D-49E72149E6EC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*", matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9700:-:*:*:*:*:*:*:*", matchCriteriaId: "C44335D8-8A78-486C-A325-9691FA4C3271", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*", matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7004:-:*:*:*:*:*:*:*", matchCriteriaId: "36145717-6348-466D-87B4-B1A19F17BA55", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7009:-:*:*:*:*:*:*:*", matchCriteriaId: "4831C5F4-AF09-4951-B7AC-9DAF1C7045B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7010:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BBDCF9-562C-44BA-B709-F91346F6F99F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7018:-:*:*:*:*:*:*:*", matchCriteriaId: "276BD181-125C-48EC-984C-29BAE20C21F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*", matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7702:-:*:*:*:*:*:*:*", matchCriteriaId: "7596B885-5312-489B-BBDB-A5374E525DE1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7706:-:*:*:*:*:*:*:*", matchCriteriaId: "42EC10DA-FE01-4BA3-B49F-B164F697D4BA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7710:-:*:*:*:*:*:*:*", matchCriteriaId: "FE1655CC-9BD5-4BD5-B113-776E4335D556", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7718:-:*:*:*:*:*:*:*", matchCriteriaId: "2CA6F9ED-50A1-4D61-BC83-438585646856", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "04E18F69-07F4-4BEA-9867-B79351687D32", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "6EC79F46-3416-4D95-A839-BA707A9E22E2", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B4673FD6-3C58-41BA-AA7F-C26FE42ECBD4", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "4328C1A9-F5B4-4D6B-8B2D-03BFC5310EDC", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "2DC5D36F-834A-44EA-BCC8-A71BBA202A4F", versionEndIncluding: "7.0\\(3\\)i7\\(9\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*", matchCriteriaId: "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016q:-:*:*:*:*:*:*:*", matchCriteriaId: "2D402AB0-BCFB-4F42-8C50-5DC930AEEC8B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*", matchCriteriaId: "5F4E8EE4-031D-47D3-A12E-EE5F792172EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*", matchCriteriaId: "00CDD8C3-67D5-4E9F-9D48-A77B55DB0AB1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100:-:*:*:*:*:*:*:*", matchCriteriaId: "41C14CC9-C244-4B86-AEA6-C50BAD5DA9A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-z:-:*:*:*:*:*:*:*", matchCriteriaId: "D14D4B4E-120E-4607-A4F1-447C7BF3052E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100v:-:*:*:*:*:*:*:*", matchCriteriaId: "15702ACB-29F3-412D-8805-E107E0729E35", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pv-v:-:*:*:*:*:*:*:*", matchCriteriaId: "29B34855-D8D2-4114-80D2-A4D159C62458", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x\\/3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E142C18F-9FB5-4D96-866A-141D7D16CAF7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq\\/pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8EFC116A-627F-4E05-B631-651D161217C8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3200:-:*:*:*:*:*:*:*", matchCriteriaId: "32A532C0-B0E3-484A-B356-88970E7D0248", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3400:-:*:*:*:*:*:*:*", matchCriteriaId: "43913A0E-50D5-47DD-94D8-DD3391633619", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34200yc-sm:-:*:*:*:*:*:*:*", matchCriteriaId: "CA52D5C1-13D8-4D23-B022-954CCEF491F1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500:-:*:*:*:*:*:*:*", matchCriteriaId: "A8E1073F-D374-4311-8F12-AD8C72FAA293", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3500_platform:-:*:*:*:*:*:*:*", matchCriteriaId: "B72E8456-A9BD-447B-8F33-4BEB052A82D7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "E505C0B1-2119-4C6A-BF96-C282C633D169", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x\\/xl:-:*:*:*:*:*:*:*", matchCriteriaId: "915EF8F6-6039-4DD0-B875-30D911752B74", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3600:-:*:*:*:*:*:*:*", matchCriteriaId: "97217080-455C-48E4-8CE1-6D5B9485864F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", matchCriteriaId: "8EBEBA5B-5589-417B-BF3B-976083E9FE54", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_aci_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "57BC5903-1316-4FFF-BE52-2F6D63549590", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone:-:*:*:*:*:*:*:*", matchCriteriaId: "4755F890-634B-4B25-AF08-C34F13429FA9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000_in_standalone_nx-os_mode:-:*:*:*:*:*:*:*", matchCriteriaId: "1DA62800-F5DC-48DA-8C81-D684EA8EBB9F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9200:-:*:*:*:*:*:*:*", matchCriteriaId: "532CE4B0-A3C9-4613-AAAF-727817D06FB4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9221c:-:*:*:*:*:*:*:*", matchCriteriaId: "FFB9FDE8-8533-4F65-BF32-4066D042B2F7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "92E2CB2B-DA11-4CF7-9D57-3D4D48990DC0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "40E40F42-632A-47DF-BE33-DC25B826310B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "C47F6BF9-2ADB-41A4-8D7D-8BB00141BB23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*", matchCriteriaId: "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "102F91CD-DFB6-43D4-AE5B-DA157A696230", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "B7DB6FC5-762A-4F16-AE8C-69330EFCF640", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex-24:-:*:*:*:*:*:*:*", matchCriteriaId: "5394DE31-3863-4CA9-B7B1-E5227183100D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx-24:-:*:*:*:*:*:*:*", matchCriteriaId: "FE4BB834-2C00-4384-A78E-AF3BCDDC58AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3:-:*:*:*:*:*:*:*", matchCriteriaId: "B0D30D52-837F-4FDA-B8E5-A9066E9C6D2F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx3s:-:*:*:*:*:*:*:*", matchCriteriaId: "7CE49B45-F2E9-491D-9C29-1B46E9CE14E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq:-:*:*:*:*:*:*:*", matchCriteriaId: "5F1127D2-12C0-454F-91EF-5EE334070D06", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "2CF467E2-4567-426E-8F48-39669E0F514C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500:-:*:*:*:*:*:*:*", matchCriteriaId: "63BE0266-1C00-4D6A-AD96-7F82532ABAA7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a:-:*:*:*:*:*:*:*", matchCriteriaId: "31B9D1E4-10B9-4B6F-B848-D93ABF6486D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_a\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "CB270C45-756E-400A-979F-D07D750C881A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b:-:*:*:*:*:*:*:*", matchCriteriaId: "4E8A085C-2DBA-4269-AB01-B16019FBB4DA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500_supervisor_b\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "A79DD582-AF68-44F1-B640-766B46EF2BE2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9500r:-:*:*:*:*:*:*:*", matchCriteriaId: "B04484DA-AA59-4833-916E-6A8C96D34F0D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "24A634C9-C1DA-4D2D-BA5F-1EFC05756E5A", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "BCA44694-9D36-4E97-83F7-A1FEAC6717AB", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "6D6F83F0-AF30-453D-BB96-FE56A04C4971", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E0EFE3A3-2469-445E-A325-BC3F1D72FCA6", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "74A7DECE-B92C-471A-8A74-F1D5B5254A9B", versionEndIncluding: "7.3\\(8\\)n1\\(1\\)", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5500:-:*:*:*:*:*:*:*", matchCriteriaId: "BFC8699E-81C0-4374-B827-71B3916B910D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5600:-:*:*:*:*:*:*:*", matchCriteriaId: "870F4379-68F6-4B34-B99B-107DFE0DBD63", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up-16g:-:*:*:*:*:*:*:*", matchCriteriaId: "367C2A49-4C4D-471B-9B34-AFAFA5AE9503", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6000:-:*:*:*:*:*:*:*", matchCriteriaId: "6A58223F-3B15-420B-A6D4-841451CF0380", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001p:-:*:*:*:*:*:*:*", matchCriteriaId: "51EAD169-9036-496E-B740-45D79546F6D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001t:-:*:*:*:*:*:*:*", matchCriteriaId: "0E01F0DE-EA8A-451F-BADF-1A7A48B0C633", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004x:-:*:*:*:*:*:*:*", matchCriteriaId: "3F182AD1-6E51-456A-A8F7-8F3B92DBE4D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "76CF6300-0292-4E53-B28D-865C2303BA51", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "16B79C2F-DAE9-4AD4-AFDA-DADD43E650AD", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "980DD4C4-A6C0-4D2D-BD09-21B62C4ADC71", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "62C92804-B959-43E1-9133-C16E58921D9A", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6200:-:*:*:*:*:*:*:*", matchCriteriaId: "A0B96E5C-CC27-4020-93CE-413B95DCABB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "D96AB2BB-4F4A-44C3-918F-DDB31B0D1FFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296_up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "82775AC1-173D-4335-B13A-6CF73C9C11D8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "104AB7AA-2AB6-40AB-9BCA-2041396060B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "AEAF3163-4FF6-4BB0-8870-80D3F3F2953B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332_fabric_interconnect:-:*:*:*:*:*:*:*", matchCriteriaId: "0CB5291D-D248-4125-9129-BC655F082AD8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "17BAF9DA-E605-42D2-8DF9-A7211ADBEA74", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*", matchCriteriaId: "81771B6E-4D9D-470B-8072-50E9F1F654CD", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", matchCriteriaId: "B6D87151-01B0-4069-861C-BBB57C493EB3", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*", matchCriteriaId: "E7561ED7-D773-4A88-B145-EEC3F7A6269B", versionEndIncluding: "4.1\\(1a\\)a", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F063A1CB-6FC6-46EF-AF2E-1E211C7CA41F", versionEndIncluding: "3.2\\(3o\\)a", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6400:-:*:*:*:*:*:*:*", matchCriteriaId: "B1888B66-5CF7-4D4D-B832-E2CF75D6EAD8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.", }, { lang: "es", value: "Una vulnerabilidad en la funcionalidad Unidirectional Link Detection (UDLD) de Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, y Cisco NX-OS Software podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo afectado. Esta vulnerabilidad es debido a una comprobación inapropiada de entrada de los paquetes UDLD. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes UDLD específicamente diseñados a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar la recarga del dispositivo afectado, resultando en una condición de denegación de servicio (DoS). Nota: La funcionalidad UDLD está deshabilitada por defecto, y las condiciones para explotar esta vulnerabilidad son estrictas. Un atacante debe tener el control total de un dispositivo conectado directamente. En los dispositivos Cisco IOS XR, el impacto se limita a la recarga del proceso UDLD", }, ], id: "CVE-2021-34714", lastModified: "2024-11-21T06:11:01.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 5.7, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 5.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-23T03:15:18.153", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-xr-udld-dos-W5hGHgtQ", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-23 18:15
Modified
2024-11-21 06:43
Severity ?
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
4.3 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9E28952E-3CD4-4B9A-8108-E026E4A7BEFE", versionEndExcluding: "2.3.1.219", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "14ECFD3A-7608-48B0-8D9B-D9AF6AEDA93F", versionEndExcluding: "2.9.1.158", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "1EBB9911-CA29-49C6-AFC7-E6E671D4FDF5", versionEndExcluding: "2.10.1.179", versionStartIncluding: "2.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", matchCriteriaId: "957D64EB-D60E-4775-B9A8-B21CA48ED3B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.2\\(7.34\\):*:*:*:*:*:*:*", matchCriteriaId: "B70C2797-D4A0-4E1A-91C3-7E5C831BD61D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*", matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*", matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*", matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*", matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9250i:-:*:*:*:*:*:*:*", matchCriteriaId: "67CD5738-029B-43AA-9342-63719DC16138", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396s:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF9DC03-5370-46FD-9CA8-AC4DF5E922FE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9396t:-:*:*:*:*:*:*:*", matchCriteriaId: "E81D2CC1-376A-4D87-88EA-6E1831741EC6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*", matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*", matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "B22B3865-30E9-4B5A-A37D-DC33F1150FFE", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "459A7F11-52BF-4AD6-B495-4C4D6C050493", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "FEACA55F-4335-4478-B608-EB92EE1D6C6D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "DB73543E-9B5B-4BA9-8FB4-666AF5AC8B6B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "E5ABB175-81BE-4C46-BD2D-70016508BE22", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "71F93299-A715-4E97-87FE-B1E248EA98BD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "3D71B228-FFE5-45F7-ADCF-6D359ADA6D31", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "9F3AD807-5A0F-4DF5-9A7A-748205F409E7", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv5\\(1.3b\\):*:*:*:*:*:*:*", matchCriteriaId: "B3C3AEB3-5874-4CED-9C2C-EB8A0AAC1A25", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:microsoft_hyper-v:*:*", matchCriteriaId: "B7063CEF-58CC-449E-BFDA-39371BA088AF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*", matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:9.3\\(8.15\\):*:*:*:*:*:*:*", matchCriteriaId: "11FE5E58-004C-4927-A7A8-D94D8CEA6A04", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:n9k-c9316d-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "122E24C3-1411-46DA-92F1-635BC0784559", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9332d-gx2b:-:*:*:*:*:*:*:*", matchCriteriaId: "50FE8720-EA9D-47CF-9CDB-CC09FBDD008C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9348d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "1D100815-C171-46F4-B675-64E20D8C4FD0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c93600cd-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "A2D5229B-AFB2-4B28-95BB-563DBC346982", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n9k-c9364d-gx2a:-:*:*:*:*:*:*:*", matchCriteriaId: "7F0AC2DC-234F-48BA-BCC8-DE82C293C273", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx3p:-:*:*:*:*:*:*:*", matchCriteriaId: "BBEF7F26-BB47-44BD-872E-130820557C23", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2-e:-:*:*:*:*:*:*:*", matchCriteriaId: "7CDD27C9-5EAF-4956-8AB7-740C84C9D4FC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c-gx:-:*:*:*:*:*:*:*", matchCriteriaId: "68EA1FEF-B6B6-49FE-A0A4-5387F76303F8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.0\\(1a\\)a:*:*:*:*:*:*:*", matchCriteriaId: "92E775F9-12E3-41FF-B839-049D93F0588C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(3f\\)c:*:*:*:*:*:*:*", matchCriteriaId: "0A3163C7-66D2-4773-99A4-DC23D1D2AB46", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of Cisco Discovery Protocol messages that are processed by the Cisco Discovery Protocol service. An attacker could exploit this vulnerability by sending a series of malicious Cisco Discovery Protocol messages to an affected device. A successful exploit could allow the attacker to cause the Cisco Discovery Protocol service to fail and restart. In rare conditions, repeated failures of the process could occur, which could cause the entire device to restart.", }, { lang: "es", value: "Una vulnerabilidad en el servicio Cisco Discovery Protocol del software Cisco FXOS y del software Cisco NX-OS podría permitir a un atacante adyacente no autenticado hacer que el servicio se reinicie, lo que provocaría una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe al manejo inadecuado de los mensajes del Cisco Discovery Protocol que son procesados por el servicio Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad enviando una serie de mensajes maliciosos de Cisco Discovery Protocol a un dispositivo afectado. Una explotación exitosa podría permitir al atacante hacer que el servicio Cisco Discovery Protocol falle y se reinicie. En raras condiciones, podrían producirse fallos repetidos del proceso, lo que podría provocar el reinicio de todo el dispositivo", }, ], id: "CVE-2022-20625", lastModified: "2024-11-21T06:43:11.237", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-23T18:15:18.637", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cdp-dos-G8DPLWYG", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 23:29
Modified
2024-11-21 04:37
Severity ?
Summary
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/108375 | Broken Link, Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108375 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | mds_9706 | - | |
| cisco | mds_9710 | - | |
| cisco | mds_9718 | - | |
| cisco | nx-os | * | |
| cisco | nx-os | * | |
| cisco | 7000_10-slot | - | |
| cisco | 7000_18-slot | - | |
| cisco | 7000_4-slot | - | |
| cisco | 7000_9-slot | - | |
| cisco | 7700_10-slot | - | |
| cisco | 7700_18-slot | - | |
| cisco | 7700_2-slot | - | |
| cisco | 7700_6-slot | - | |
| cisco | n77-f312ck-26 | - | |
| cisco | n77-f324fq-25 | - | |
| cisco | n77-f348xp-23 | - | |
| cisco | n77-f430cq-36 | - | |
| cisco | n77-m312cq-26l | - | |
| cisco | n77-m324fq-25l | - | |
| cisco | n77-m348xp-23l | - | |
| cisco | n7k-f248xp-25e | - | |
| cisco | n7k-f306ck-25 | - | |
| cisco | n7k-f312fq-25 | - | |
| cisco | n7k-m202cf-22l | - | |
| cisco | n7k-m206fq-23l | - | |
| cisco | n7k-m224xp-23l | - | |
| cisco | n7k-m324fq-25l | - | |
| cisco | n7k-m348xp-25l | - | |
| cisco | nexus_7000_supervisor_1 | - | |
| cisco | nexus_7000_supervisor_2 | - | |
| cisco | nexus_7000_supervisor_2e | - | |
| cisco | nexus_7700_supervisor_2e | - | |
| cisco | nexus_7700_supervisor_3e | - | |
| cisco | nx-os | * | |
| cisco | ucs_6248up | - | |
| cisco | ucs_6296up | - | |
| cisco | ucs_6324 | - | |
| cisco | ucs_6332 | - | |
| cisco | ucs_6332-16up | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B38D0244-062F-45FC-AE05-BDC398E7242C", versionEndExcluding: "8.1\\(1a\\)", versionStartIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "F4863FC5-6578-48DE-838D-E5D2EEFF27B1", versionEndExcluding: "8.3\\(1\\)", versionStartIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*", matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*", matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*", matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "3411F8C2-D65A-46CF-9563-0A9866462491", versionEndExcluding: "7.3\\(3\\)d1\\(1\\)", versionStartIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "B8882184-A5B1-4F67-B942-FDEE2FFD43F4", versionEndExcluding: "8.2\\(3\\)", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:7000_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "489A59F2-D44D-44ED-844C-E0EF83A23C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "79689D81-D8F0-4FB1-9B8F-62407474A042", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_4-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "BBA5F539-E8AC-44B5-9E9C-2E35F6CAA22E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7000_9-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "D01E7A7E-7111-4C89-8EBD-080B0A3E069C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_10-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "ADCDCAC9-30F2-4EE3-9D02-5AA8BA6A1E99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_18-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "610E21F4-8188-4B5E-A80F-CFE0F2B9D8A6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_2-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "83003054-E458-4405-BA7F-A5EA415D296A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:7700_6-slot:-:*:*:*:*:*:*:*", matchCriteriaId: "C7610AAC-D1FE-44A8-9925-31F1CCA8AFEF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f312ck-26:-:*:*:*:*:*:*:*", matchCriteriaId: "F58B1C42-9150-48C9-9203-A2466FC61261", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f324fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "0AD5DA69-09D9-436A-8FC1-A46626DE2789", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f348xp-23:-:*:*:*:*:*:*:*", matchCriteriaId: "E0A9CD4D-4659-402D-BDF8-E5EF86449641", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-f430cq-36:-:*:*:*:*:*:*:*", matchCriteriaId: "5C9DC24E-6B6E-496C-8D8C-09B197B0A77E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m312cq-26l:-:*:*:*:*:*:*:*", matchCriteriaId: "9AFA9BC1-3386-4AAE-A1B6-D81761D3EA9B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "9D753638-4BE8-4BF5-A083-F8360003869D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n77-m348xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "8E6AC35C-29B2-42C7-862D-D9AC3461D8D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f248xp-25e:-:*:*:*:*:*:*:*", matchCriteriaId: "C4FD83D1-8ECB-4DB8-A6E0-2F795F83B4CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f306ck-25:-:*:*:*:*:*:*:*", matchCriteriaId: "9B875911-E742-427B-AE07-C8A5955DEA62", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-f312fq-25:-:*:*:*:*:*:*:*", matchCriteriaId: "CD0C6431-8EB1-4F69-AF28-8F5C55348AF5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m202cf-22l:-:*:*:*:*:*:*:*", matchCriteriaId: "AFCA5EC7-9F36-4473-B0DF-4F0F9C680F10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m206fq-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "5D0E31D5-9F1D-46EC-824F-352A0098944B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m224xp-23l:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AD0767-C42B-4BAC-B90C-F4412B661D7A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m324fq-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "B6BF05BA-E0CC-45D6-963F-27F0BD7B3C4F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:n7k-m348xp-25l:-:*:*:*:*:*:*:*", matchCriteriaId: "D409BDF3-9F35-4D94-9DF0-7B58A519A005", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_1:-:*:*:*:*:*:*:*", matchCriteriaId: "993AFE99-DFC3-4D92-90C8-D3A6495547BC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2:-:*:*:*:*:*:*:*", matchCriteriaId: "7453E0FA-B05D-4888-AFB0-8FE8B8040DFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7000_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "108DB6B5-CB29-477F-84FC-52116F295878", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_2e:-:*:*:*:*:*:*:*", matchCriteriaId: "4FBB9435-1CD4-469E-BF16-AD98ADC99AAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_7700_supervisor_3e:-:*:*:*:*:*:*:*", matchCriteriaId: "42ABB93D-2C3A-4029-B545-B638B6C7788E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "631B6866-7CEC-48F8-AC5A-2CBE4DBFF9A7", versionEndExcluding: "3.2\\(3k\\)", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332-16up:-:*:*:*:*:*:*:*", matchCriteriaId: "054D8EB2-97A3-4725-9DFF-27A4D231D90A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.", }, { lang: "es", value: "Una vulnerabilidad en la función Image Signature Verification del programa Cisco NX-OS podría permitir que un atacante local autenticado con credenciales de administrador para instalar un parche de programa malicioso en un dispositivo afectado. La vulnerabilidad se debe a la verificación incorrecta de las firmas digitales para las imágenes de parches. Un atacante podría aprovechar esta vulnerabilidad si crea un parche de programa sin firmar para evitar las comprobaciones de firmas y cargarlo en un dispositivo afectado. Una explotación exitosa podría permitir al atacante arrancar una imagen de parche de programa malicioso.", }, ], id: "CVE-2019-1809", lastModified: "2024-11-21T04:37:25.623", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T23:29:01.073", references: [ { source: "psirt@cisco.com", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108375", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-psvb", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-347", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-347", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C", versionEndExcluding: "9.3\\(2\\)", versionStartIncluding: "7.0\\(3\\)f2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2", versionEndExcluding: "7.0\\(3\\)i7\\(8\\)", versionStartIncluding: "7.0\\(3\\)i", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*", matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*", matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*", matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*", matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*", matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*", matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*", matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*", matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "E305E4CC-859B-4697-A7C9-A55BA55FF949", versionEndExcluding: "7.3\\(6\\)n1\\(1\\)", versionStartIncluding: "7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6001:-:*:*:*:*:*:*:*", matchCriteriaId: "A9662D6B-AF0F-45C8-B7CD-AE7C76593FDB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_6004:-:*:*:*:*:*:*:*", matchCriteriaId: "4F557E38-09F6-42C6-BABA-3C3168B38BBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "68A586A3-0291-4BA3-9211-6EE0BBB7F39C", versionEndExcluding: "9.3\\(2\\)", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE", versionEndExcluding: "14.2\\(1j\\)", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*", matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*", matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*", matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*", matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*", matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*", matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*", matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*", matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*", matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E", versionEndExcluding: "3.2\\(3m\\)", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EA485BA3-323E-4505-BBE1-4B2AC9E5A00D", versionEndExcluding: "4.0\\(4f\\)", versionStartIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*", matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*", matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*", matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability exists because the Cisco Discovery Protocol parser does not properly validate input for certain fields in a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. An successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario o causar una recarga sobre un dispositivo afectado. La vulnerabilidad se presenta porque el analizador de Cisco Discovery Protocol no comprueba apropiadamente la entrada para determinados campos en un mensaje de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer de la pila, lo que podría permitir al atacante ejecutar código arbitrario con privilegios administrativos sobre un dispositivo afectado. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).", }, ], id: "CVE-2020-3119", lastModified: "2024-11-21T05:30:21.903", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-05T18:15:10.987", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-20 21:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041169 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin | Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.3\\(2\\)n1\\(0.354\\):*:*:*:*:*:*:*", matchCriteriaId: "E37D2258-0776-4EA8-9342-4F90DF77C33E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_5000:-:*:*:*:*:*:*:*", matchCriteriaId: "4F2B1E07-8519-4F58-9048-81ABA12E01DC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5010:-:*:*:*:*:*:*:*", matchCriteriaId: "E275D31F-4FA1-428E-AB4A-D2802FF0CF1A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5020:-:*:*:*:*:*:*:*", matchCriteriaId: "BA7F5823-41A8-47C8-A154-02C6C31EF76A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*", matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*", matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*", matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*", matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*", matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*", matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*", matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*", matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*", matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:5.2\\(1\\)sv3\\(1.10\\):*:*:*:*:*:*:*", matchCriteriaId: "17C275C2-9082-47EC-B525-9EAA427A083B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "9A5FFC5B-6F90-4E8F-9AE2-B4DA4C7A144B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:8.8\\(3.5\\)s0:*:*:*:*:*:*:*", matchCriteriaId: "B1B17D00-490A-42CE-9DBB-EF8D30264546", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*", matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*", matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*", matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*", matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*", matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*", matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*", matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*", matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*", matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*", matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-c9508-fm-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0FD46BDD-4755-46DD-9F83-B2B589B09417", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0603E231-14E0-4224-898F-ED61641F7403", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_n9k-x9636q-r:-:*:*:*:*:*:*:*", matchCriteriaId: "FE3EB1F2-F964-4D4E-BDE7-8E6805105152", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "262C95B9-0B56-48FD-BEE4-6680839D21A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_172tq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "38AC6D08-C547-44A3-AC77-A63DB58E4889", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*", matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*", matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "09AC2BAD-F536-48D0-A2F0-D4E290519EB6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*", matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3064-x:-:*:*:*:*:*:*:*", matchCriteriaId: "ECC4FFCC-E886-49BC-9737-5B5BA2AAB14B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3100-v:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FF2EC4-0C09-4C00-9956-A2A4A894F63D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*", matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*", matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*", matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-x:-:*:*:*:*:*:*:*", matchCriteriaId: "C97C29EE-9426-4BBE-8D84-AB5FF748703D", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*", matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq:-:*:*:*:*:*:*:*", matchCriteriaId: "CED628B5-97A8-4B26-AA40-BEC854982157", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*", matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*", matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3232c:-:*:*:*:*:*:*:*", matchCriteriaId: "652A2849-668D-4156-88FB-C19844A59F33", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*", matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*", matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*", matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*", matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*", matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*", matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*", matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*", matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:nexus_c36180yc-r:-:*:*:*:*:*:*:*", matchCriteriaId: "0C9D4C48-4D01-4761-B2D8-F16E90F78560", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i2\\(4a\\):*:*:*:*:*:*:*", matchCriteriaId: "262C95B9-0B56-48FD-BEE4-6680839D21A6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:ucs_6120xp:-:*:*:*:*:*:*:*", matchCriteriaId: "FC6E3DFD-A811-4FD3-B888-ABCDEFCD3A4B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6140xp:-:*:*:*:*:*:*:*", matchCriteriaId: "C0246716-64E9-4CCA-9546-A3A40D375E95", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*", matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*", matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*", matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:ucs_6332:-:*:*:*:*:*:*:*", matchCriteriaId: "E406DDCE-6753-43E9-B6F0-7A038DE84E41", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD4FA53-E048-4F10-800A-0C213F361139", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "81FC0A3F-4682-47D9-8095-6805E33979BF", versionEndExcluding: "2.0.1.159", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9F0AC7D7-0569-497E-B38E-2758410A750D", versionEndExcluding: "2.1.1.86", versionStartIncluding: "2.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD4FA53-E048-4F10-800A-0C213F361139", versionEndExcluding: "2.2.2.17", versionStartIncluding: "2.2", vulnerable: true, }, { criteria: "cpe:2.3:o:cisco:fxos:*:*:*:*:*:*:*:*", matchCriteriaId: "81FC0A3F-4682-47D9-8095-6805E33979BF", versionEndExcluding: "2.0.1.159", versionStartIncluding: "1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:firepower_9300_security_appliance:-:*:*:*:*:*:*:*", matchCriteriaId: "0574E77C-18C6-4621-B73A-DCDD6D1B5E37", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1\\(1a\\):*:*:*:*:*:*:*", matchCriteriaId: "C28214D7-90AA-4917-AC87-BE9F481BBE2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:nexus_4001:-:*:*:*:*:*:*:*", matchCriteriaId: "56193DB3-79DC-47D1-A629-D22EFC57D590", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device. This vulnerability affects Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, { lang: "es", value: "Una vulnerabilidad en la característica escritura-borrado del software Cisco FXOS y Cisco NX-OS podría permitir que un atacante local autenticado configure una cuenta de administrador no autorizada para un dispositivo afectado. La vulnerabilidad existe debido a que el software afectado no elimina correctamente los archivos sensibles cuando determinados comandos de la interfaz de línea de comandos se emplean para limpiar la configuración del dispositivo y recargarlo. Un atacante podría explotar esta vulnerabilidad iniciando sesión en un dispositivo afectado como usuario administrativo y configurando una cuenta no autorizada en el dispositivo. La cuenta no requeriría una contraseña para autenticarse y sería accesible solo mediante una conexión SSH (Secure Shell) al dispositivo. Su explotación con éxito podría permitir que el atacante configure una cuenta no autorizada con privilegios administrativos, que no requiere contraseña para autenticarse y no aparece en la configuración en ejecución o los registros de auditoría para el dispositivo afectado. La vulnerabilidad afecta a Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, Nexus 1000V Series Switches, Nexus 1100 Series Cloud Services Platforms, Nexus 2000 Series Fabric Extenders, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects y UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvd13993, CSCvd34845, CSCvd34857, CSCvd34862, CSCvd34879, CSCve35753.", }, ], id: "CVE-2018-0294", lastModified: "2024-11-21T03:37:54.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-20T21:29:00.390", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041169", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-nxosadmin", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }