CVE-2007-5134 : Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Eth

Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended.

Published 2007-09-27 19:17:00

Updated 2017-07-29 01:33:25

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2007-5134

Cisco » Catos » Version: 5.4(1)
cpe:2.3:o:cisco:catos:5.4\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Catos » Version: 7.5(1)
cpe:2.3:o:cisco:catos:7.5\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Catos » Version: 7.6(1)
cpe:2.3:o:cisco:catos:7.6\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500
cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 » Sup2 Msfc2 Edition
cpe:2.3:h:cisco:catalyst_7600:*:*:sup2_msfc2:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 » Sup720 Msfc3 Edition
cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600
cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-svc-nam-1 » Version: 2.2(1a)
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-svc-nam-1 » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-svc-nam-2 » Version: 2.2(1a)
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-svc-nam-2 » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-x6380-nam » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 6500 Ws-x6380-nam » Version: 2.1(2)
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-svc-nam-1 » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:3.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-svc-nam-1 » Version: 2.2(1a)
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-svc-nam-2 » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:3.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-svc-nam-2 » Version: 2.2(1a)
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-x6380-nam » Version: 2.1(2)
cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:2.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Catalyst 7600 Ws-x6380-nam » Version: 3.1(1a)
cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\(1a\):*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-5134

EPSS FAQ

0.66%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 69 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-5134

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2007-5134

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-5134

Jump to

Vulnerability Details : CVE-2007-5134

Products affected by CVE-2007-5134

Exploit prediction scoring system (EPSS) score for CVE-2007-5134

CVSS scores for CVE-2007-5134

CWE ids for CVE-2007-5134

References for CVE-2007-5134