Skip to main content

Nx Os CVE-2013-6982

MEDIUM
Improper Input Validation (CWE-20)
2014-01-08 psirt@cisco.com
4.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jan 08, 2014 - 21:55 cve.org
MEDIUM 4.3

DescriptionCVE.org

The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174.

AnalysisAI

The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174. Affected products include: Cisco Nx-Os.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Nx Os

View all
CVE-2016-1453 CRITICAL
9.8 Oct 06

Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 a

CVE-2019-1617 HIGH POC
7.4 Mar 11

A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtualization (NPV) protocol implementation in Cisco N

CVE-2013-1180 CRITICAL
9.0 Apr 25

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before

CVE-2013-1179 CRITICAL
9.0 Apr 25

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4

CVE-2016-1341 CRITICAL
9.8 Feb 24

Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, w

CVE-2018-0310 CRITICAL
9.8 Jun 21

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an un

CVE-2018-0301 CRITICAL
9.8 Jun 20

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a

CVE-2015-4235 CRITICAL
9.0 Jul 24

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) an

CVE-2021-1361 CRITICAL
9.1 Feb 24

A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Ci

CVE-2017-3883 HIGH
8.6 Oct 19

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible

CVE-2014-3341 MEDIUM
5.0 Aug 19

The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages

CVE-2016-1302 HIGH
8.8 Feb 07

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) an

Share

CVE-2013-6982 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy