Lucene search

[email protected]CVE-2014-3261

HistoryMay 26, 2014 - 12:25 a.m.

CVE-2014-3261

2014-05-2600:25:32

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-3261

buffer overflow

cisco

nx-os

smart call home

fabric interconnects

unified computing system

nexus 3000

nexus 4000

nexus 5000

nexus 7000

connected grid routers

nvd

vulnerability

security issue

remote execution

smtp servers

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

45.1%

JSON

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Affected configurations

NVD

Node

ciscounified_computing_system_6120xp_fabric_interconnectMatch-

ciscounified_computing_system_6140xp_fabric_interconnectMatch-

ciscounified_computing_system_6248up_fabric_interconnectMatch-

ciscounified_computing_system_6296up_fabric_interconnectMatch-

ciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(1j\)

Node

ciscocg-osMatchcg4

ciscocg-osMatchcg4\(1\)

AND

ciscocgr_1120Match-

ciscocgr_1240Match-

Node

cisconx-osMatch5.2

cisconx-osMatch5.2\(1\)

cisconx-osMatch5.2\(3\)

AND

cisconexus_7000Match-

cisconexus_7000_10-slotMatch-

cisconexus_7000_18-slotMatch-

cisconexus_7000_9-slotMatch-

Node

cisconx-osMatch-

cisconx-osMatch5.0

cisconx-osMatch5.0\(2\)

cisconx-osMatch5.0\(2\)n1\(1\)

cisconx-osMatch5.0\(2\)n2\(1\)

cisconx-osMatch5.0\(2\)n2\(1a\)

cisconx-osMatch5.0\(2a\)

cisconx-osMatch5.0\(3\)

cisconx-osMatch5.0\(3\)n1\(1\)

cisconx-osMatch5.0\(3\)n1\(1a\)

cisconx-osMatch5.0\(3\)n1\(1b\)

cisconx-osMatch5.0\(3\)n1\(1c\)

cisconx-osMatch5.0\(3\)n2\(1\)

cisconx-osMatch5.0\(3\)n2\(2\)

cisconx-osMatch5.0\(3\)n2\(2a\)

cisconx-osMatch5.0\(3\)n2\(2b\)

cisconx-osMatch5.0\(3\)u1\(1a\)

cisconx-osMatch5.0\(3\)u1\(1b\)

cisconx-osMatch5.0\(3\)u1\(1d\)

cisconx-osMatch5.0\(3\)u1\(2\)

cisconx-osMatch5.0\(3\)u1\(2a\)

cisconx-osMatch5.0\(3\)u2\(1\)

ciscounified_computing_system_infrastructure_and_unified_computing_system_softwareMatch1.4\(1j\)

AND

cisconexus_3016qMatch-

cisconexus_3048Match-

cisconexus_3064tMatch-

cisconexus_3064xMatch-

cisconexus_3548Match-

Node

cisconx-osMatch5.0

cisconx-osMatch5.0\(2\)

cisconx-osMatch5.0\(2\)n1\(1\)

cisconx-osMatch5.0\(2\)n2\(1\)

cisconx-osMatch5.0\(2\)n2\(1a\)

cisconx-osMatch5.0\(2a\)

cisconx-osMatch5.0\(3\)

cisconx-osMatch5.0\(3\)n1\(1\)

cisconx-osMatch5.0\(3\)n1\(1a\)

cisconx-osMatch5.0\(3\)n1\(1b\)

cisconx-osMatch5.0\(3\)n1\(1c\)

cisconx-osMatch5.0\(3\)n2\(1\)

cisconx-osMatch5.0\(3\)n2\(2\)

cisconx-osMatch5.0\(3\)n2\(2a\)

cisconx-osMatch5.0\(3\)n2\(2b\)

cisconx-osMatch5.0\(3\)u1\(1a\)

cisconx-osMatch5.0\(3\)u1\(1b\)

cisconx-osMatch5.0\(3\)u1\(1d\)

cisconx-osMatch5.0\(3\)u1\(2\)

cisconx-osMatch5.0\(3\)u1\(2a\)

cisconx-osMatch5.0\(3\)u2\(1\)

cisconx-osMatch5.0\(3\)u2\(2\)

cisconx-osMatch5.0\(3\)u2\(2a\)

cisconx-osMatch5.0\(3\)u2\(2b\)

cisconx-osMatch5.0\(3\)u2\(2c\)

cisconx-osMatch5.0\(3\)u2\(2d\)

cisconx-osMatch5.0\(3\)u3\(1\)

cisconx-osMatch5.0\(3\)u3\(2\)

cisconx-osMatch5.0\(3\)u3\(2a\)

cisconx-osMatch5.0\(3\)u3\(2b\)

cisconx-osMatch5.0\(3\)u4\(1\)

cisconx-osMatch5.0\(3\)u5\(1\)

cisconx-osMatch5.0\(3\)u5\(1a\)

cisconx-osMatch5.0\(3\)u5\(1b\)

cisconx-osMatch5.0\(3\)u5\(1c\)

cisconx-osMatch5.0\(3\)u5\(1d\)

cisconx-osMatch5.0\(3\)u5\(1e\)

cisconx-osMatch5.0\(5\)

cisconx-osMatch5.1

cisconx-osMatch5.1\(1\)

cisconx-osMatch5.1\(1a\)

cisconx-osMatch5.1\(2\)

cisconx-osMatch5.1\(3\)

AND

cisconexus_5000Match-

cisconexus_5010Match-

cisconexus_5010p_switchMatch-

cisconexus_5020Match-

cisconexus_5020p_switchMatch-

cisconexus_5548pMatch-

cisconexus_5548upMatch-

cisconexus_5596upMatch-

Node

cisconx-osMatch4.1.\(2\)

AND

cisconexus_4001iMatch-

CPENameOperatorVersion
cisco:unified_computing_system_6120xp_fabric_interconnectcisco unified computing system 6120xp fabric interconnecteq-
cisco:unified_computing_system_6140xp_fabric_interconnectcisco unified computing system 6140xp fabric interconnecteq-
cisco:unified_computing_system_6248up_fabric_interconnectcisco unified computing system 6248up fabric interconnecteq-
cisco:unified_computing_system_6296up_fabric_interconnectcisco unified computing system 6296up fabric interconnecteq-
cisco:unified_computing_system_infrastructure_and_unified_computing_system_softwarecisco unified computing system infrastructure and unified computing system softwareeq1.4\(1j\)

CPE	Name	Operator	Version
cisco:unified_computing_system_6120xp_fabric_interconnect	cisco unified computing system 6120xp fabric interconnect	eq	-
cisco:unified_computing_system_6140xp_fabric_interconnect	cisco unified computing system 6140xp fabric interconnect	eq	-
cisco:unified_computing_system_6248up_fabric_interconnect	cisco unified computing system 6248up fabric interconnect	eq	-
cisco:unified_computing_system_6296up_fabric_interconnect	cisco unified computing system 6296up fabric interconnect	eq	-
cisco:unified_computing_system_infrastructure_and_unified_computing_system_software	cisco unified computing system infrastructure and unified computing system software	eq	1.4\(1j\)