Vulnerability Details CVE-2007-1257
The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 85.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/33066
- http://secunia.com/advisories/24344
- http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
- http://www.kb.cert.org/vuls/id/472412
- http://www.securityfocus.com/bid/22751
- http://www.securitytracker.com/id?1017710
- http://www.vupen.com/english/advisories/2007/0783
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
- http://osvdb.org/33066
- http://secunia.com/advisories/24344
- http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
- http://www.kb.cert.org/vuls/id/472412
- http://www.securityfocus.com/bid/22751
- http://www.securitytracker.com/id?1017710
- http://www.vupen.com/english/advisories/2007/0783
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
Products affected by CVE-2007-1257
-
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1(1a)
-
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1(1a)
-
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2(1a)
-
cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1(1a)
-
cpe:2.3:h:cisco:network_analysis_module:-