CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2013-1178

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275.
Publish Date : 2013-04-25 Last Update Date : 2013-04-25
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
8.3
Confidentiality Impact Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Execute CodeOverflow
CWE ID 119

- Products Affected By CVE-2013-1178

# Product Type Vendor Product Version Update Edition Language
1 OS Cisco Cg-os CG1 Version Details Vulnerabilities
2 OS Cisco Cg-os CG2 Version Details Vulnerabilities
3 OS Cisco Cg-os CG3 Version Details Vulnerabilities
4 OS Cisco Cg-os CG4 Version Details Vulnerabilities
5 Hardware Cisco Connected Grid Router 1000 - Version Details Vulnerabilities
6 Hardware Cisco Mds 9000 Version Details Vulnerabilities
7 Hardware Cisco Nexus 1000v - Version Details Vulnerabilities
8 Hardware Cisco Nexus 3000 Version Details Vulnerabilities
9 Hardware Cisco Nexus 3016q - Version Details Vulnerabilities
10 Hardware Cisco Nexus 3048 - Version Details Vulnerabilities
11 Hardware Cisco Nexus 3064t - Version Details Vulnerabilities
12 Hardware Cisco Nexus 3064x - Version Details Vulnerabilities
13 Hardware Cisco Nexus 3548 - Version Details Vulnerabilities
14 Hardware Cisco Nexus 4001i - Version Details Vulnerabilities
15 Hardware Cisco Nexus 5000 - Version Details Vulnerabilities
16 Hardware Cisco Nexus 5010 - Version Details Vulnerabilities
17 Hardware Cisco Nexus 5020 - Version Details Vulnerabilities
18 Hardware Cisco Nexus 5548p - Version Details Vulnerabilities
19 Hardware Cisco Nexus 5548up - Version Details Vulnerabilities
20 Hardware Cisco Nexus 5596up - Version Details Vulnerabilities
21 Hardware Cisco Nexus 7000 - Version Details Vulnerabilities
22 Hardware Cisco Nexus 7000 10-slot - Version Details Vulnerabilities
23 Hardware Cisco Nexus 7000 18-slot - Version Details Vulnerabilities
24 Hardware Cisco Nexus 7000 9-slot - Version Details Vulnerabilities
25 OS Cisco Nx-os 4.0(0)n1(2) Version Details Vulnerabilities
26 OS Cisco Nx-os 4.0(4)sv1(3a) Version Details Vulnerabilities
27 OS Cisco Nx-os 4.0(4)sv1(1) Version Details Vulnerabilities
28 OS Cisco Nx-os 4.0(1a)n1(1a) Version Details Vulnerabilities
29 OS Cisco Nx-os 4.0(1a)n1(1) Version Details Vulnerabilities
30 OS Cisco Nx-os 4.0(4)sv1(3b) Version Details Vulnerabilities
31 OS Cisco Nx-os 4.0(4)sv1(2) Version Details Vulnerabilities
32 OS Cisco Nx-os 4.0(1a)n2(1) Version Details Vulnerabilities
33 OS Cisco Nx-os 4.0(0)n1(2a) Version Details Vulnerabilities
34 OS Cisco Nx-os 4.0(4)sv1(3c) Version Details Vulnerabilities
35 OS Cisco Nx-os 4.0 Version Details Vulnerabilities
36 OS Cisco Nx-os 4.0(4)sv1(3d) Version Details Vulnerabilities
37 OS Cisco Nx-os 4.0(1a)n2(1a) Version Details Vulnerabilities
38 OS Cisco Nx-os 4.0(0)n1(1a) Version Details Vulnerabilities
39 OS Cisco Nx-os 4.0(4)sv1(3) Version Details Vulnerabilities
40 OS Cisco Nx-os 4.1(3)n2(1a) Version Details Vulnerabilities
41 OS Cisco Nx-os 4.1(3)n2(1) Version Details Vulnerabilities
42 OS Cisco Nx-os 4.1(3)n1(1a) Version Details Vulnerabilities
43 OS Cisco Nx-os 4.1(3)n1(1) Version Details Vulnerabilities
44 OS Cisco Nx-os 4.1.(3) Version Details Vulnerabilities
45 OS Cisco Nx-os 4.1.(2) Version Details Vulnerabilities
46 OS Cisco Nx-os 4.1.(5) Version Details Vulnerabilities
47 OS Cisco Nx-os 4.1.(4) Version Details Vulnerabilities
48 OS Cisco Nx-os 4.2(6) Version Details Vulnerabilities
49 OS Cisco Nx-os 4.2(8) Version Details Vulnerabilities
50 OS Cisco Nx-os 4.2(1)n2(1) Version Details Vulnerabilities
51 OS Cisco Nx-os 4.2(3) Version Details Vulnerabilities
52 OS Cisco Nx-os 4.2(1) Version Details Vulnerabilities
53 OS Cisco Nx-os 4.2(1)n1(1) Version Details Vulnerabilities
54 OS Cisco Nx-os 4.2(1)n2(1a) Version Details Vulnerabilities
55 OS Cisco Nx-os 4.2(1)sv1(4a) Version Details Vulnerabilities
56 OS Cisco Nx-os 4.2(2) Version Details Vulnerabilities
57 OS Cisco Nx-os 4.2 Version Details Vulnerabilities
58 OS Cisco Nx-os 4.2(1)sv1(4) Version Details Vulnerabilities
59 OS Cisco Nx-os 4.2(4) Version Details Vulnerabilities
60 OS Cisco Nx-os 4.2.(2a) Version Details Vulnerabilities
61 OS Cisco Nx-os 4.2(1)sv1(5.1) Version Details Vulnerabilities
62 OS Cisco Nx-os 5.0(3)n2(2a) Version Details Vulnerabilities
63 OS Cisco Nx-os 5.0 Version Details Vulnerabilities
64 OS Cisco Nx-os 5.0(3)n2(2) Version Details Vulnerabilities
65 OS Cisco Nx-os 5.0(2)n2(1) Version Details Vulnerabilities
66 OS Cisco Nx-os 5.0(2) Version Details Vulnerabilities
67 OS Cisco Nx-os 5.0(5) Version Details Vulnerabilities
68 OS Cisco Nx-os 5.0(2)n2(1a) Version Details Vulnerabilities
69 OS Cisco Nx-os 5.0(3)n1(1c) Version Details Vulnerabilities
70 OS Cisco Nx-os 5.0(3)n1(1b) Version Details Vulnerabilities
71 OS Cisco Nx-os 5.0(3) Version Details Vulnerabilities
72 OS Cisco Nx-os 5.0(3)n1(1) Version Details Vulnerabilities
73 OS Cisco Nx-os 5.0(2)n1(1) Version Details Vulnerabilities
74 OS Cisco Nx-os 5.0(2a) Version Details Vulnerabilities
75 OS Cisco Nx-os 5.0(3)n2(2b) Version Details Vulnerabilities
76 OS Cisco Nx-os 5.0(3)n1(1a) Version Details Vulnerabilities
77 OS Cisco Nx-os 5.0(3)n2(1) Version Details Vulnerabilities
78 OS Cisco Nx-os 5.1(2) Version Details Vulnerabilities
79 OS Cisco Nx-os 5.1(5) Version Details Vulnerabilities
80 OS Cisco Nx-os 5.1(1) Version Details Vulnerabilities
81 OS Cisco Nx-os 5.1(3)n1(1) Version Details Vulnerabilities
82 OS Cisco Nx-os 5.1 Version Details Vulnerabilities
83 OS Cisco Nx-os 5.1(4) Version Details Vulnerabilities
84 OS Cisco Nx-os 5.1(3)n1(1a) Version Details Vulnerabilities
85 OS Cisco Nx-os 5.1(3) Version Details Vulnerabilities
86 OS Cisco Nx-os 5.1(6) Version Details Vulnerabilities
87 OS Cisco Nx-os 5.1(1a) Version Details Vulnerabilities
88 OS Cisco Nx-os 5.2 Version Details Vulnerabilities
89 OS Cisco Nx-os 5.2(3) Version Details Vulnerabilities
90 OS Cisco Nx-os 5.2(3a) Version Details Vulnerabilities
91 OS Cisco Nx-os 5.2(1) Version Details Vulnerabilities
92 OS Cisco Nx-os 6.0(1) Version Details Vulnerabilities
93 OS Cisco Nx-os 6.0(2) Version Details Vulnerabilities
94 OS Cisco Nx-os 6.1 Version Details Vulnerabilities
95 Hardware Cisco Unified Computing System 6120xp Fabric Interconnect - Version Details Vulnerabilities
96 Hardware Cisco Unified Computing System 6140xp Fabric Interconnect - Version Details Vulnerabilities
97 Hardware Cisco Unified Computing System 6248up Fabric Interconnect - Version Details Vulnerabilities
98 Hardware Cisco Unified Computing System 6296up Fabric Interconnect - Version Details Vulnerabilities
99 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.0 Version Details Vulnerabilities
100 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.0(2k) Version Details Vulnerabilities
101 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.1(1m) Version Details Vulnerabilities
102 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.1 Version Details Vulnerabilities
103 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2(1) Version Details Vulnerabilities
104 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2 Version Details Vulnerabilities
105 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2(1a) Version Details Vulnerabilities
106 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.2(1d) Version Details Vulnerabilities
107 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1m) Version Details Vulnerabilities
108 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1n) Version Details Vulnerabilities
109 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1y) Version Details Vulnerabilities
110 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1c) Version Details Vulnerabilities
111 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1w) Version Details Vulnerabilities
112 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1o) Version Details Vulnerabilities
113 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1t) Version Details Vulnerabilities
114 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1p) Version Details Vulnerabilities
115 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.3(1q) Version Details Vulnerabilities
116 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(1m) Version Details Vulnerabilities
117 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3s) Version Details Vulnerabilities
118 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(4i) Version Details Vulnerabilities
119 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(1j) Version Details Vulnerabilities
120 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3q) Version Details Vulnerabilities
121 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(4g) Version Details Vulnerabilities
122 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(4j) Version Details Vulnerabilities
123 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3m) Version Details Vulnerabilities
124 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(4f) Version Details Vulnerabilities
125 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(4k) Version Details Vulnerabilities
126 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3l) Version Details Vulnerabilities
127 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3y) Version Details Vulnerabilities
128 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3i) Version Details Vulnerabilities
129 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 1.4(3u) Version Details Vulnerabilities
130 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 2.0(1w) Version Details Vulnerabilities
131 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 2.0(1x) Version Details Vulnerabilities
132 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 2.0(1q) Version Details Vulnerabilities
133 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 2.0(1s) Version Details Vulnerabilities
134 OS Cisco Unified Computing System Infrastructure And Unified Computing System Software 2.0(1t) Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Cisco Cg-os 4
Cisco Connected Grid Router 1000 1
Cisco Mds 9000 1
Cisco Nexus 1000v 1
Cisco Nexus 3000 1
Cisco Nexus 3016q 1
Cisco Nexus 3048 1
Cisco Nexus 3064t 1
Cisco Nexus 3064x 1
Cisco Nexus 3548 1
Cisco Nexus 4001i 1
Cisco Nexus 5000 1
Cisco Nexus 5010 1
Cisco Nexus 5020 1
Cisco Nexus 5548p 1
Cisco Nexus 5548up 1
Cisco Nexus 5596up 1
Cisco Nexus 7000 1
Cisco Nexus 7000 10-slot 1
Cisco Nexus 7000 18-slot 1
Cisco Nexus 7000 9-slot 1
Cisco Nx-os 70
Cisco Unified Computing System 6120xp Fabric Interconnect 1
Cisco Unified Computing System 6140xp Fabric Interconnect 1
Cisco Unified Computing System 6248up Fabric Interconnect 1
Cisco Unified Computing System 6296up Fabric Interconnect 1
Cisco Unified Computing System Infrastructure And Unified Computing System Software 36

- References For CVE-2013-1178

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti
CISCO 20130424 Multiple Vulnerabilities in Cisco NX-OS-Based Products

- Metasploit Modules Related To CVE-2013-1178

There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.