The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
21 Nov 2024, 02:23
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=38062 - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1031992 - |
Information
Published : 2015-03-28 01:59
Updated : 2024-11-21 02:23
NVD link : CVE-2015-0658
Mitre link : CVE-2015-0658
CVE.ORG link : CVE-2015-0658
JSON object : View
Products Affected
cisco
- nexus_56128p
- nexus_5696q
- nexus_5672up
- nexus_5010
- nexus_3048
- nexus_9396tx
- nexus_3164q
- nexus_9516
- nexus_5596t
- nexus_7000
- nexus_5548p
- nexus_5548up
- nexus_3524
- nexus_3548
- nx-os
- nexus_6001
- nexus_3172
- nexus_3064
- nexus_7700
- nexus_9508
- nexus_3132q
- nexus_6004
- nexus_9372px
- nexus_5648q
- nexus_5624q
- nexus_9396px
- nexus_5020
- nexus_93128tx
- nexus_93120tx
- nexus_9372tx
- nexus_9504
- nexus_3016
- nexus_9332pq
- nexus_9336pq_aci_spine
- nexus_5596up
CWE
CWE-20
Improper Input Validation