Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Published

2014-05-26T00:25:32.220

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.6 (HIGH)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

4.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	cisco	unified_computing_system_6120xp_fabric_interconnect	-	Yes
Hardware	cisco	unified_computing_system_6140xp_fabric_interconnect	-	Yes
Hardware	cisco	unified_computing_system_6248up_fabric_interconnect	-	Yes
Hardware	cisco	unified_computing_system_6296up_fabric_interconnect	-	Yes
Operating System	cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.4\(1j\)	Yes
Operating System	cisco	cg-os	cg4	Yes
Operating System	cisco	cg-os	cg4\(1\)	Yes
Hardware	cisco	cgr_1120	-	Yes
Hardware	cisco	cgr_1240	-	Yes
Operating System	cisco	nx-os	5.2	Yes
Operating System	cisco	nx-os	5.2\(1\)	Yes
Operating System	cisco	nx-os	5.2\(3\)	Yes
Hardware	cisco	nexus_7000	-	Yes
Hardware	cisco	nexus_7000_10-slot	-	Yes
Hardware	cisco	nexus_7000_18-slot	-	Yes
Hardware	cisco	nexus_7000_9-slot	-	Yes
Operating System	cisco	nx-os	-	Yes
Operating System	cisco	nx-os	5.0	Yes
Operating System	cisco	nx-os	5.0\(2\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n1\(1\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n2\(1\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n2\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1c\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1d\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(1\)	Yes
Operating System	cisco	unified_computing_system_infrastructure_and_unified_computing_system_software	1.4\(1j\)	Yes
Hardware	cisco	nexus_3016q	-	Yes
Hardware	cisco	nexus_3048	-	Yes
Hardware	cisco	nexus_3064t	-	Yes
Hardware	cisco	nexus_3064x	-	Yes
Hardware	cisco	nexus_3548	-	Yes
Operating System	cisco	nx-os	5.0	Yes
Operating System	cisco	nx-os	5.0\(2\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n1\(1\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n2\(1\)	Yes
Operating System	cisco	nx-os	5.0\(2\)n2\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n1\(1c\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)n2\(2b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(1d\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u1\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(2b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(2c\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u2\(2d\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u3\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u3\(2\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u3\(2a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u3\(2b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u4\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1a\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1b\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1c\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1d\)	Yes
Operating System	cisco	nx-os	5.0\(3\)u5\(1e\)	Yes
Operating System	cisco	nx-os	5.0\(5\)	Yes
Operating System	cisco	nx-os	5.1	Yes
Operating System	cisco	nx-os	5.1\(1\)	Yes
Operating System	cisco	nx-os	5.1\(1a\)	Yes
Operating System	cisco	nx-os	5.1\(2\)	Yes
Operating System	cisco	nx-os	5.1\(3\)	Yes
Hardware	cisco	nexus_5000	-	Yes
Hardware	cisco	nexus_5010	-	Yes
Hardware	cisco	nexus_5010p_switch	-	Yes
Hardware	cisco	nexus_5020	-	Yes
Hardware	cisco	nexus_5020p_switch	-	Yes
Hardware	cisco	nexus_5548p	-	Yes
Hardware	cisco	nexus_5548up	-	Yes
Hardware	cisco	nexus_5596up	-	Yes
Operating System	cisco	nx-os	4.1.\(2\)	Yes
Hardware	cisco	nexus_4001i	-	Yes

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos Vendor Advisory ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)