CVE-2014-0685

Published May 7, 2014

Last updated 11 years ago

Overview

Description: Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:cisco_nexus_1000v_intercloud:*:*:*:*:*:vmware:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B27DE979-2025-4745-AB0C-01F214B304B7",
            "versionEndIncluding": "5.2\\(1\\)ic1\\(1.2\\)"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2014-0685
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685
http://tools.cisco.com/security/center/viewAlert.x?alertId=34130

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References