CVE-2013-1122 — Improper Input Validation in Cisco Nx-os

CWE-20 — Improper Input Validation CWE-3995 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.7%

top 27.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedFeb 13

Latest updateMay 17

Description

Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/nx-os70 versions+69

🔴Vulnerability Details

GHSA

GHSA-vvfv-p8hw-g4r7: Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial↗2022-05-17

▶

CVEList

CVE-2013-1122: Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial↗2013-02-13

▶

📋Vendor Advisories

Cisco

Cisco Nexus 7000 M1-Series Modules Crafted Packet Vulnerability↗2013-02-06

▶

💬Community

Bugzilla

CVE-2013-2176 rhev-m: rhev-apt service unquoted search path↗2013-06-13

▶