CVE-2013-5566Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-3994 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.1%
top 21.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedNov 8
Latest updateMay 17

Description

Cisco NX-OS 5.0 and earlier on MDS 9000 devices allows remote attackers to cause a denial of service (supervisor CPU consumption) via Authentication Header (AH) authentication in a Virtual Router Redundancy Protocol (VRRP) frame, aka Bug ID CSCte27874.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/nx-os5.0+37

🔴Vulnerability Details

2
GHSA
GHSA-j3xh-96gv-642p: Cisco NX-OS 52022-05-17
CVEList
CVE-2013-5566: Cisco NX-OS 52013-11-08

📋Vendor Advisories

1
Cisco
Cisco MDS 9000 NX-OS Software Denial of Service Vulnerability2013-11-06
CVE-2013-5566 — Cisco Nx-os vulnerability | cvebase