Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A vulnerability in the Open Network Environment Platform (ONEP) could
allow an authenticated, remote attacker to cause the network element
to reload.

The vulnerability is due to insufficient pointer validation. An
attacker could exploit this vulnerability by sending a crafted packet
to an ONEP-enabled network element. Successful exploitation could
allow the attacker to cause the network element to reload.

See also :

http://www.nessus.org/u?a4341ee5

Solution :

Apply the patch referenced in Cisco bug ID CSCui51551.

Risk factor :

Medium / CVSS Base Score : 6.3
(CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:C)
CVSS Temporal Score : 5.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 70399 ()

Bugtraq ID: 62403

CVE ID: CVE-2013-5496

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial