OPERATIONAL DEFECT DATABASE
...
...
Advisory ID: cisco-sa-20140521-nxos Revision 1.0 For Public Release 2014 May 21 16:00 UTC (GMT) Summary ======= Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by one or more of the following vulnerabilities: * Cisco NX-OS Virtual Device Context SSH Privilege Escalation Vulnerability * Cisco NX-OS Virtual Device Context SSH Key Privilege Escalation Vulnerability * Cisco NX-OS-Based Products Smart Call Home Buffer Overflow Vulnerability * Cisco NX-OS Message Transfer Service Denial of Service Vulnerability Cisco has released free software updates that address these vulnerabilities. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos
A device running an affected version of software.
None
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.6/6.3: http://tools.cisco.com/security/center/cvssCalculator.x?vector=AV:N/AC:H/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C&version=2.0 CVE ID CVE-2014-3261 has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Click on a version to see all relevant bugs
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
