Vulnerability Details CVE-2016-1455
Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo
- http://www.securityfocus.com/bid/93415
- http://www.securitytracker.com/id/1036957
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo
- http://www.securityfocus.com/bid/93415
- http://www.securitytracker.com/id/1036957
Products affected by CVE-2016-1455
-
cpe:2.3:h:cisco:nexus_93128:-
-
cpe:2.3:h:cisco:nexus_9396px:-
-
cpe:2.3:h:cisco:nexus_9396tx:-
-
cpe:2.3:h:cisco:nexus_9504:-
-
cpe:2.3:h:cisco:nexus_9508:-
-
cpe:2.3:h:cisco:nexus_9516:-
-
cpe:2.3:h:cisco:nexus_n9336pq:-
-
cpe:2.3:o:cisco:nx-os:7.0(3)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i1(1)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i1(1a)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i1(1b)
-
cpe:2.3:o:cisco:nx-os:7.0(3)i1(2)