CVE-2016-1455

Published Oct 5, 2016

Last updated 3 years ago

CVSS high 7.5

Overview

Description: Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "108374E9-8814-41C4-9474-6EE3AF24D71F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1a\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C775E53-781D-4426-A59B-DB65D697A844"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1b\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "619DEAAE-3356-4079-8CC8-F477FCA18199"
          },
          {
            "criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99909A45-A094-4706-B2BA-C6E352235724"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F309E7B9-B828-4CD2-9D2B-8966EE5B9CC1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_n9336pq:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2222B619-10DD-4CDF-B52B-D10F21436707"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References