Detections
Analytics

Cisco Open Network Environment Platform Unvalidated Pointer (CSCui51551)

medium Nessus Plugin ID 70399

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A vulnerability in the Open Network Environment Platform (ONEP) could allow an authenticated, remote attacker to cause the network element to reload.

The vulnerability is due to insufficient pointer validation. An attacker could exploit this vulnerability by sending a crafted packet to an ONEP-enabled network element. Successful exploitation could allow the attacker to cause the network element to reload.

Solution

Apply the patch referenced in Cisco bug ID CSCui51551.

See Also

http://www.nessus.org/u?f77b5da1

Plugin Details

Severity: Medium

ID: 70399

File Name: cisco-sn-CSCui51551-nxos.nasl

Version: 1.5

Type: combined

Family: CISCO

Published: 10/11/2013

Updated: 10/29/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 6.3

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:nx-os

Required KB Items: Host/Cisco/NX-OS/Version, Host/Cisco/NX-OS/Model, Host/Cisco/NX-OS/Device

Exploit Ease: No known exploits are available

Patch Publication Date: 9/13/2013

Vulnerability Publication Date: 9/13/2013

Reference Information

CVE: CVE-2013-5496

BID: 62403

CISCO-BUG-ID: CSCui51551