CVE-2013-5556
Published Nov 18, 2013
Last updated 11 years ago
Overview
- Description
- The license-installation module on the Cisco Nexus 1000V switch 4.2(1)SV1(5.2b) and earlier for VMware vSphere, Cisco Nexus 1000V switch 5.2(1)SM1(5.1) for Microsoft Hyper-V, and Cisco Virtual Security Gateway 4.2(1)VSG1(1) for Nexus 1000V switches allows local users to gain privileges and execute arbitrary commands via crafted "install all iso" arguments, aka Bug ID CSCui21340.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)vsg1\\(1\\):-:*:*:*:nexus_1000v:*:*",
"vulnerable": true,
"matchCriteriaId": "AA97328A-5DF2-4C01-99C4-1D24077A9A1F"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:5.2\\(1\\)sm1\\(5.1\\):-:*:*:*:microsoft_hyper-v:*:*",
"vulnerable": true,
"matchCriteriaId": "C6B1D4A5-9F33-487C-A798-096CA1F1B9D3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:*:-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "73EFA484-4033-4868-A733-F65B02B7B752",
"versionEndIncluding": "4.2\\(1\\)sv1\\(5.2b\\)"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)_sv1\\(4\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "64AD054B-953C-46F1-99A3-AB3DE35FE695"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)_sv1\\(4a\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "9C9675A0-9933-4EA9-991D-D3B6F775F88C"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)_sv1\\(4b\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "75BF9F0F-980B-4BD0-B48B-A8191B660889"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)sv1\\(5.1\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "719A5726-4049-4BDD-8BF9-41E2D8E8FF41"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)sv1\\(5.1a\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "5A87AEED-3CC1-4D78-9F31-9CF9702351D7"
},
{
"criteria": "cpe:2.3:h:cisco:nexus_1000v:4.2\\(1\\)sv1\\(5.2\\):-:*:*:*:vmware_vsphere:*:*",
"vulnerable": true,
"matchCriteriaId": "B59A502A-467B-464B-9B81-46D08B75ED84"
}
],
"operator": "OR"
}
]
}
]