Lucene search

CiscoCISCO-SA-20161005-N9KINFO

HistoryOct 05, 2016 - 4:00 p.m.

Cisco Nexus 9000 Information Disclosure Vulnerability

2016-10-0516:00:00

tools.cisco.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

66.3%

JSON

A vulnerability in the internal iptables configuration for local interfaces on the Cisco Nexus 9000 Series Switch could allow an unauthenticated, remote attacker to access certain sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to incorrect filtering of network traffic destined to certain TCP and UDP ports configured on a local interface. An attacker could exploit this vulnerability by connecting to the affected device on one of the exposed TCP or UDP ports. An exploit could allow the attacker to discover certain sensitive data which should be restricted and could be used to conduct further attacks.

Cisco has released software updates that address this vulnerability. A workaround to mitigate this vulnerability is available.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo”]

Affected configurations

Vulners

Node

cisconx_osMatch7.0

cisconx_osMatch7.0\(3\)i1

cisconx_osMatch7.0\(3\)

cisconx_osMatch7.0\(3\)i1\(1\)

cisconx_osMatch7.0\(3\)i1\(1a\)

cisconx_osMatch7.0\(3\)i1\(1b\)

cisconx_osMatch7.0\(3\)i1\(2\)

VendorProductVersionCPE
cisconx_os7.0cpe:2.3:o:cisco:nx_os:7.0:*:*:*:*:*:*:*
cisconx_os7.0(3)i1cpe:2.3:o:cisco:nx_os:7.0\(3\)i1:*:*:*:*:*:*:*
cisconx_os7.0(3)cpe:2.3:o:cisco:nx_os:7.0\(3\):*:*:*:*:*:*:*
cisconx_os7.0(3)i1(1)cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1\):*:*:*:*:*:*:*
cisconx_os7.0(3)i1(1a)cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1a\):*:*:*:*:*:*:*
cisconx_os7.0(3)i1(1b)cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1b\):*:*:*:*:*:*:*
cisconx_os7.0(3)i1(2)cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(2\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nx_os	7.0	cpe:2.3:o:cisco:nx_os:7.0:::::::*
cisco	nx_os	7.0(3)i1	cpe:2.3:o:cisco:nx_os:7.0\(3\)i1:::::::*
cisco	nx_os	7.0(3)	cpe:2.3:o:cisco:nx_os:7.0\(3\):::::::*
cisco	nx_os	7.0(3)i1(1)	cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1\):::::::*
cisco	nx_os	7.0(3)i1(1a)	cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1a\):::::::*
cisco	nx_os	7.0(3)i1(1b)	cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(1b\):::::::*
cisco	nx_os	7.0(3)i1(2)	cpe:2.3:o:cisco:nx_os:7.0\(3\)i1\(2\):::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

66.3%

JSON

Related for CISCO-SA-20161005-N9KINFO