CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
52.7%
Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | nx-os | - | cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:* |
cisco | nexus_1000v | - | cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:* |