Multiple Vulnerabilities in Cisco NX-OS-Based Products (cisco-sa-20130424-nxosmulti)

high Nessus Plugin ID 66700

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities :

- Multiple Cisco Discovery Protocol Vulnerabilities in Cisco NX-OS-Based Products

- Cisco NX-OS Software SNMP and License Manager Buffer Overflow Vulnerability

- Cisco NX-OS Software SNMP Buffer Overflow Vulnerability

- Cisco NX-OS Software Jumbo Packet Denial of Service Vulnerability

Cisco has released free software updates that address these vulnerabilities.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20130424-nxosmulti.

See Also

http://www.nessus.org/u?4ef09c4a

Plugin Details

Severity: High

ID: 66700

File Name: cisco-sa-20130424-nxosmulti-nxos.nasl

Version: 1.11

Type: combined

Family: CISCO

Published: 5/31/2013

Updated: 10/29/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Device, Host/Cisco/NX-OS/Model

Exploit Ease: No known exploits are available

Patch Publication Date: 4/26/2013

Vulnerability Publication Date: 4/24/2013

Reference Information

CVE: CVE-2013-1178, CVE-2013-1179, CVE-2013-1180, CVE-2013-1181

BID: 59452, 59454, 59456, 59458