- Description
- Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catos:5.5\\(5\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9627888A-F522-4A41-8B14-F0E7096509FB"
},
{
"criteria": "cpe:2.3:o:cisco:catos:6.3\\(5\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD776AC3-A10E-4B4C-BCB9-1DB1781DDA70"
},
{
"criteria": "cpe:2.3:o:cisco:catos:7.1\\(2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F47A997-B2A5-459D-8089-12B2AB438FB0"
}
],
"operator": "OR"
}
]
}
]