CVE-2013-1179 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-20 — Improper Input Validation4 documents4 sources

Severity

9.0CRITICALNVD

EPSS

4.4%

top 10.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedApr 25

Latest updateMay 17

Description

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/nx-os71 versions+70

🔴Vulnerability Details

GHSA

GHSA-w8jh-7fp6-qvv3: Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4↗2022-05-17

▶

CVEList

CVE-2013-1179: Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4↗2013-04-25

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco NX-OS-Based Products↗2013-04-24

▶