CVE-2012-1340Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco MDS 9000 Nx-os

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.7%
top 28.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco MDS 9000 Nx-os
Timeline
PublishedAug 6
Latest updateMay 17

Description

The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series switches allows remote attackers to cause a denial of service (module reload) via a crafted FCIP header, aka Bug ID CSCtn93151.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/mds_9000_nx-os4.2, 5.2+1

🔴Vulnerability Details

2
GHSA
GHSA-r2wv-4x27-jjx6: The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 42022-05-17
CVEList
CVE-2012-1340: The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 42012-08-06

📋Vendor Advisories

1
Cisco
Cisco NX-OS FCIP Remote Denial of Service Vulnerability2012-08-10
CVE-2012-1340 — Cisco MDS 9000 Nx-os vulnerability | cvebase