Lucene search

CiscoCVE-2014-3330

HistoryAug 11, 2014 - 10:55 p.m.

CVE-2014-3330

2014-08-1122:55:04

CWE-264

cisco

web.nvd.nist.gov

cisco

nx-os

nexus 9000

remote attackers

access restrictions

bug id cscuo02489

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.

Affected configurations

Nvd

Node

cisconx-osMatch6.1\(2\)i2\(1\)

AND

cisconexus_9000Match-

VendorProductVersionCPE
cisconexus_9000-cpe:/h:cisco:nexus_9000:-:::
cisconx-os6.1%282%29i2%281%29cpe:/o:cisco:nx-os:6.1%282%29i2%281%29:::

Vendor	Product	Version	CPE
cisco	nexus_9000	-	cpe:/h:cisco:nexus_9000:-:::
cisco	nx-os	6.1%282%29i2%281%29	cpe:/o:cisco:nx-os:6.1%282%29i2%281%29:::

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3330

tools.cisco.com/security/center/viewAlert.x?alertId=35181

www.securityfocus.com/bid/69057

www.securitytracker.com/id/1030676

exchange.xforce.ibmcloud.com/vulnerabilities/95122

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.004

Percentile

73.2%

JSON

Related for CVE-2014-3330