var-201301-0151
Vulnerability from variot
Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300. The Cisco Nexus Series switches are data center switches. Adopt the Cisco Nexus OS operating system. There is a denial of service attack on the Cisco Nexus 7000. Allows authenticated attackers to consume large amounts of memory and system resources. This vulnerability is only triggered when a lower-density card replaces a higher-density line-card in the same slot. This issue is being tracked by Cisco Bug ID CSCud44300. Cisco NX-OS is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201301-0151",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 10-slot",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 9-slot",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 18-slot",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 10 slot switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 18 slot switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 9 slot switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nexus 7000 series switch",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "nx-os on nexus series switches",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7000"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nx os",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nexus 7000",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nexus 7000 10 slot",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nexus 7000 18 slot",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "nexus 7000 9 slot",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "BID",
"id": "57482"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nx-os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_7000_9-slot:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6396"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "57482"
}
],
"trust": 0.3
},
"cve": "CVE-2012-6396",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 4.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-6396",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "21781f34-2353-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-59677",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-6396",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201301-392",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-59677",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-59677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco NX-OS on Nexus 7000 series switches does not properly handle certain line-card replacements, which might allow remote authenticated users to cause a denial of service (memory consumption) via a crafted configuration that references interfaces that do not exist on the new card, aka Bug ID CSCud44300. The Cisco Nexus Series switches are data center switches. Adopt the Cisco Nexus OS operating system. There is a denial of service attack on the Cisco Nexus 7000. Allows authenticated attackers to consume large amounts of memory and system resources. This vulnerability is only triggered when a lower-density card replaces a higher-density line-card in the same slot. \nThis issue is being tracked by Cisco Bug ID CSCud44300. \nCisco NX-OS is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "BID",
"id": "57482"
},
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-59677"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-6396",
"trust": 3.6
},
{
"db": "SECTRACK",
"id": "1028018",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-00459",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220",
"trust": 0.8
},
{
"db": "CISCO",
"id": "20130110 CISCO NEXUS 7000 DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "57482",
"trust": 0.4
},
{
"db": "IVD",
"id": "21781F34-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-59677",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "VULHUB",
"id": "VHN-59677"
},
{
"db": "BID",
"id": "57482"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"id": "VAR-201301-0151",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "VULHUB",
"id": "VHN-59677"
}
],
"trust": 1.5737394999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
}
]
},
"last_update_date": "2023-12-18T12:21:50.582000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2012-6396",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2012-6396"
},
{
"title": "Patch for Cisco NX-OS on Nexus 7000 Remote Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/30731"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-59677"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2012-6396"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1028018"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6396"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6396"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "VULHUB",
"id": "VHN-59677"
},
{
"db": "BID",
"id": "57482"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"db": "VULHUB",
"id": "VHN-59677"
},
{
"db": "BID",
"id": "57482"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-23T00:00:00",
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"date": "2013-01-19T00:00:00",
"db": "VULHUB",
"id": "VHN-59677"
},
{
"date": "2013-01-10T00:00:00",
"db": "BID",
"id": "57482"
},
{
"date": "2013-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"date": "2013-01-19T20:55:01.043000",
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"date": "2013-01-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00459"
},
{
"date": "2013-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-59677"
},
{
"date": "2013-01-10T00:00:00",
"db": "BID",
"id": "57482"
},
{
"date": "2013-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001220"
},
{
"date": "2013-02-02T05:10:50.817000",
"db": "NVD",
"id": "CVE-2012-6396"
},
{
"date": "2013-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco NX-OS on Nexus 7000 Remote Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00459"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource management error",
"sources": [
{
"db": "IVD",
"id": "21781f34-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-392"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.