CVE-2014-2200Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-264CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-3994 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.7%
top 28.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedMay 26
Latest updateMay 17

Description

Cisco NX-OS 5.0 before 5.0(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDcisco/nx-os30 versions+29

🔴Vulnerability Details

2
GHSA
GHSA-f9hh-5798-v49v: Cisco NX-OS 52022-05-17
CVEList
CVE-2014-2200: Cisco NX-OS 52014-05-24

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco NX-OS-Based Products2014-05-21
CVE-2014-2200 — Cisco Nx-os vulnerability | cvebase