Lucene search

[email protected]CVE-2013-1208

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1208

2022-10-0316:14:49

CWE-310

[email protected]

web.nvd.nist.gov

cisco

nx-os

nexus 1000v

encryption

vsm

vem

network traffic

security vulnerability

cve-2013-1208

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.1%

JSON

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID CSCud14691.

Affected configurations

NVD

Node

cisconx-osMatch-

AND

cisconexus_1000vMatch-

CPENameOperatorVersion
cisco:nx-oscisco nx-oseq-

CPE	Name	Operator	Version
cisco:nx-os	cisco nx-os	eq	-

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1208

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.1%

JSON

Related for CVE-2013-1208

nvd1 nessus1 cvelist1 prion1 cisco1