CVE-2013-1178 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Cg-os

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-20 — Improper Input Validation4 documents4 sources

Severity

8.3HIGHNVD

EPSS

1.6%

top 18.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cg-os Cisco Nx-os Cisco Unified Computing System Infrastructure AND Unified Computing System Software

Timeline

PublishedApr 25

Latest updateMay 17

Description

Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) …

CVSS vector

AV:A/AC:L/C:C/I:C/A:CExploitability: 6.5 | Impact: 10.0

Affected Packages3 packages

▶NVDcisco/unified_computing_system_infrastructure_and_unified_computing_system_software2.0\(1x\)+35

▶NVDcisco/cg-oscg4+3

▶NVDcisco/nx-os4.1.\(2\)+70

🔴Vulnerability Details

GHSA

GHSA-9xq7-8xm8-rcqx: Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4↗2022-05-17

▶

CVEList

CVE-2013-1178: Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4↗2013-04-25

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco NX-OS-Based Products↗2013-04-24

▶