CVE-2013-1191Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-264CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-3994 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.9%
top 24.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedMay 26
Latest updateMay 17

Description

Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDcisco/nx-os6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-9cw5-jjwx-8c3g: Cisco NX-OS 62022-05-17
CVEList
CVE-2013-1191: Cisco NX-OS 62014-05-24

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco NX-OS-Based Products2014-05-21
CVE-2013-1191 — Cisco Nx-os vulnerability | cvebase