CVE-2013-1180 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-20 — Improper Input Validation4 documents4 sources

Severity

9.0CRITICALNVD

EPSS

4.4%

top 10.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedApr 25

Latest updateMay 17

Description

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/nx-os71 versions+70

🔴Vulnerability Details

GHSA

GHSA-vrhj-5qwj-2q46: Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4↗2022-05-17

▶

CVEList

CVE-2013-1180: Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4↗2013-04-25

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco NX-OS-Based Products↗2013-04-24

▶