CVE-2013-1211

Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1211	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-05-29 19:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-1211

Mitre link : CVE-2013-1211

CVE.ORG link : CVE-2013-1211

JSON object : View

Products Affected

cisco

nx-os
nexus_1000v

CWE

CWE-287

Improper Authentication

5.0 /10