CVE-2013-3400

The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3400	Vendor Advisory
http://www.securitytracker.com/id/1028763

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-07-10 20:55

Updated : 2023-12-10 11:16

NVD link : CVE-2013-3400

Mitre link : CVE-2013-3400

CVE.ORG link : CVE-2013-3400

JSON object : View

Products Affected

cisco

nx-os
nexus_1000v

CWE

CWE-20

Improper Input Validation

6.8 /10