Nexus 7K and 5K - BASH Vulnerability

Uploaded by

jarungasis

0% found this document useful (0 votes)

103 views3 pages

law

Copyright

Available Formats

DOCX, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

law

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

103 views3 pages

Nexus 7K and 5K - BASH Vulnerability

Uploaded by

jarungasis

law

Copyright:

Available Formats

Download as DOCX, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 3

Search inside document

Bug Search

CSCur05017
N5K/N6K evaluation for CVE-2014-6271 and CVE-2014-7169
CSCur05017

Description
Symptom:
Symptoms:
The N5k/N6K product family includes a version of bash that is affected by the vulnerabilities
identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-7169
This bug has been opened to address the potential impact on this product.
All current versions of NX-OS on this platform are affected unless otherwise stated.. This bug will be updated with
detailed affected and fixed software versions once fixed software is available.
Exposure is not configuration dependent.
Authentication is required to exploit this vulnerability.
Conditions:
Conditions:
Telnet, SSH, HTTP (feature http-server) are attack vectors.
A user must first successfully log in and authenticate via SSH to trigger this vulnerability.
Exposure is not configuration dependant.
Workaround:
Workaround:
Not available.
More Info:
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?
dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Bug Search

CSCur04856
Nexus 7000 evaluation for CVE-2014-6271 and CVE-2014-7169
CSCuq98748
Description
Symptom:
The Nexus 7000 includes a version of bash that is affected by the vulnerabilities
identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-6277
CVE-2014-7169
CVE-2014-6278
CVE-2014-7186
CVE-2014-7187
This bug has been opened to address the potential impact on this product.
All current versions of NX-OS on this platform are affected unless otherwise stated
.
Exposure is not configuration dependent.
Authentication is required to exploit this vulnerability.
This bug is fixed in NX-OS versions specified below:
5.2(9a)
6.1(5a)
6.2(8b)
6.2(10) and above

Conditions:
A user must first successfully log in and authenticate via SSH to trigger this vulnerability.
Workaround:
Not available.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?
dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609) PDF
Document3 pages
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609) PDF
Mohaideen
No ratings yet
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)
Document3 pages
Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)
Mohaideen
No ratings yet
Scan Report CRM
Document17 pages
Scan Report CRM
Web Sploit
No ratings yet
Cisco CEV 29-01-2018
Document2 pages
Cisco CEV 29-01-2018
Dawid Dudek
No ratings yet
Ssa-354910: Smbv1 Vulnerabilities in Syngo Multimodality Workplace (MMWP) Products From Siemens Healthineers
Document3 pages
Ssa-354910: Smbv1 Vulnerabilities in Syngo Multimodality Workplace (MMWP) Products From Siemens Healthineers
الراصد طبي
No ratings yet
Firmware Patch Notes: Firmware: FW1.06B01 BETA Hardware: Ax Date: November 29, 2017
Document2 pages
Firmware Patch Notes: Firmware: FW1.06B01 BETA Hardware: Ax Date: November 29, 2017
Makkay Zoltan
No ratings yet
Sample Vulnerability Assessment Report PurpleSec
Document16 pages
Sample Vulnerability Assessment Report PurpleSec
Balaji Rajaraman
100% (2)
42130
Document5 pages
42130
navid kamrava
No ratings yet
VR 7.5.0 PDF
Document15 pages
VR 7.5.0 PDF
Fernando Prieto
No ratings yet
Print Spooler Remote Code
Document3 pages
Print Spooler Remote Code
Stanly Jebaroons S
No ratings yet
Websitechuyennghiep VN Asx2z7
Document115 pages
Websitechuyennghiep VN Asx2z7
Dung Nguyen Hoai
No ratings yet
This Document Gives Steps To Upgrade SVC Console From Version 5.1.0.680 To 5.1.0.707 and SVC Firmware Code From Version 5.1.0.5 To Version 5.1.0.11
Document17 pages
This Document Gives Steps To Upgrade SVC Console From Version 5.1.0.680 To 5.1.0.707 and SVC Firmware Code From Version 5.1.0.5 To Version 5.1.0.11
ik reddy
No ratings yet
2022 Staticspeed Vunerability Report Template
Document57 pages
2022 Staticspeed Vunerability Report Template
planeta zesk
No ratings yet
Vulnerability Summary For The Week of August 3, 2015
Document31 pages
Vulnerability Summary For The Week of August 3, 2015
Syeda Ashifa Ashrafi Papia
No ratings yet
CheckPointWP SCVDeepDive v2 MLB 30AUG2019
Document7 pages
CheckPointWP SCVDeepDive v2 MLB 30AUG2019
Mehmet Kalayci
No ratings yet
2PAA121231 - C - en - SECURITY Multiple Vulnerabilities in ABB Central Licensing System
Document7 pages
2PAA121231 - C - en - SECURITY Multiple Vulnerabilities in ABB Central Licensing System
Vishnu Patidar
No ratings yet
Universal Network Solutions Inc
Document15 pages
Universal Network Solutions Inc
Chandu Nsa
No ratings yet
WCT - F0o7fo
Document238 pages
WCT - F0o7fo
kamidikamalakar
No ratings yet
Multiple Vulnerabilities
Document4 pages
Multiple Vulnerabilities
JDaemon7
No ratings yet
Access71 Security Update 2017-08 AIX RL
Document14 pages
Access71 Security Update 2017-08 AIX RL
Oscar Alberto Zambrano
No ratings yet
ABBVU-PGGA-36052 ABB SoftwareVulnerabilityHandlingAdvisory SYS600 SentinelHASP
Document5 pages
ABBVU-PGGA-36052 ABB SoftwareVulnerabilityHandlingAdvisory SYS600 SentinelHASP
chupzpt
No ratings yet
5.vulnerability Analysis
Document18 pages
5.vulnerability Analysis
bhumika.verma00
100% (1)
10 198 212 185 Ub1537
Document173 pages
10 198 212 185 Ub1537
bhargav reddy
No ratings yet
Siemens Simatic Pcs7 - List of Security Vulnerabilities
Document2 pages
Siemens Simatic Pcs7 - List of Security Vulnerabilities
Jemerald
No ratings yet
Exploit DB, CVE, GIT and Ports
Document4 pages
Exploit DB, CVE, GIT and Ports
Quratulain Tariq
No ratings yet
How Israel Rules The World of Cyber Security, VICE On HBO, Full Episode
Document34 pages
How Israel Rules The World of Cyber Security, VICE On HBO, Full Episode
salim slem
No ratings yet
Sample Network Vulnerability Assessment Report: Sales@purplesec - Us
Document5 pages
Sample Network Vulnerability Assessment Report: Sales@purplesec - Us
Фарида Таджибаева
No ratings yet
A Look at CVE-2014-6271 (Shellshock)
Document6 pages
A Look at CVE-2014-6271 (Shellshock)
Markus Kitsinger
No ratings yet
3ADR011211 AC500 V3 - Multiple RCE and DoS Vulnerabilities in The CODESYS Protocol
Document6 pages
3ADR011211 AC500 V3 - Multiple RCE and DoS Vulnerabilities in The CODESYS Protocol
Mohamed MOUCHRIF
No ratings yet
Red Hat Open Approach Vulnerability Management 1 - 2
Document23 pages
Red Hat Open Approach Vulnerability Management 1 - 2
JFL
No ratings yet
Vulnerability Management
Document2 pages
Vulnerability Management
Deepan
No ratings yet
IS499 Final Project
Document6 pages
IS499 Final Project
Grantham University
No ratings yet
Pexip Infinity Upgrading Quickguide V32.1.a
Document4 pages
Pexip Infinity Upgrading Quickguide V32.1.a
ozz12345
No ratings yet
RedHat Tamwebinarsecurityandvulnerability1669332944873
Document78 pages
RedHat Tamwebinarsecurityandvulnerability1669332944873
Rahmat Suhatman
No ratings yet
Product Support Notice: Avaya Proprietary - Use Pursuant To The Terms of Your Signed Agreement or Company Policy
Document3 pages
Product Support Notice: Avaya Proprietary - Use Pursuant To The Terms of Your Signed Agreement or Company Policy
Bela
No ratings yet
Kaspersky security center
From Everand
Kaspersky security center
Mohammed Haytham Khabbaz samkary
No ratings yet
ESAPI Security Bulletin1
Document4 pages
ESAPI Security Bulletin1
Snig Kav
No ratings yet
09 M7 Vulnerability
Document8 pages
09 M7 Vulnerability
Trung Lưu
No ratings yet
Sed Acap Manual 1.0.0 en
Document25 pages
Sed Acap Manual 1.0.0 en
Eduardo Luiz
No ratings yet
Vsphere Esxi Vcenter Server 601 Troubleshooting Guide
Document104 pages
Vsphere Esxi Vcenter Server 601 Troubleshooting Guide
Steven
No ratings yet
Lab #5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
Document4 pages
Lab #5: How To Identify Risks, Threats & Vulnerabilities in An It Infrastructure Using Zenmap Gui (Nmap) & Nessus® Reports
Hờ Bờ Lờ
100% (1)
Vcs Quickstart
Document32 pages
Vcs Quickstart
ag_atul
No ratings yet
Synopsis - Live Streaming
Document5 pages
Synopsis - Live Streaming
Prashant Kumar
No ratings yet
IBM API Connect Installation On Windows
Document2 pages
IBM API Connect Installation On Windows
Arunachalam Sekar
No ratings yet
Intrusion Detection: Title of The Project: Project Architecture SDLC Methodologies
Document5 pages
Intrusion Detection: Title of The Project: Project Architecture SDLC Methodologies
Praveennallavelly Babu
No ratings yet
Networkvulnerability Scan Sample Report
Document4 pages
Networkvulnerability Scan Sample Report
Venâncio Guedes
No ratings yet
Sevd 2023 101 04
Document5 pages
Sevd 2023 101 04
subarusyd143
No ratings yet
CVE-2010-3978 Spree E-Commerce JSON Hijacking Vulnerabilities
Document5 pages
CVE-2010-3978 Spree E-Commerce JSON Hijacking Vulnerabilities
Conviso Application Security
No ratings yet
Free Fingerprint Verification SDK
Document92 pages
Free Fingerprint Verification SDK
niluxer
No ratings yet
Vulnera Bili Dad Es 7
Document1 page
Vulnera Bili Dad Es 7
Miguel Angel
No ratings yet
Principal Security Engineer and Security Researcher: Filipi Pires
Document19 pages
Principal Security Engineer and Security Researcher: Filipi Pires
Rodrigo Juan
No ratings yet
Jishan-LAB2-Metasploit-3 Report-Merged
Document15 pages
Jishan-LAB2-Metasploit-3 Report-Merged
Ali Jishan
No ratings yet
Vulnera Bili Dad Es 11
Document1 page
Vulnera Bili Dad Es 11
Miguel Angel
No ratings yet
Anyconnect Secure Mobility Connection Error: "The VPN Client Was Unable To Setup Ip Filtering"
Document5 pages
Anyconnect Secure Mobility Connection Error: "The VPN Client Was Unable To Setup Ip Filtering"
Dhiraj Singh
No ratings yet
Nessus and OpenVAS
Document4 pages
Nessus and OpenVAS
Nikhil Amodkar
No ratings yet
Spectre and Meltdown Vulnerability's Mitigation Plan.: 17 Januari 2018
Document13 pages
Spectre and Meltdown Vulnerability's Mitigation Plan.: 17 Januari 2018
jagadeswara raju
No ratings yet
Documento1 2
Document4 pages
Documento1 2
hajodocumento
No ratings yet
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
From Everand
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
Devi Prasad
No ratings yet
Certifiable Software Applications 1: Main Processes
From Everand
Certifiable Software Applications 1: Main Processes
Jean-Louis Boulanger
No ratings yet
Assignment 5
Document2 pages
Assignment 5
nandini swami
No ratings yet
Scribd Downloader, Issuu Downloader
Document9 pages
Scribd Downloader, Issuu Downloader
Ussuillo Ussuillo
0% (3)
Chap6 HTML Lists
Document32 pages
Chap6 HTML Lists
Has Liza
No ratings yet
7 Time Finder Clone
Document5 pages
7 Time Finder Clone
yugi17
No ratings yet
Ascent - Portable LED Display System - Brochure
Document4 pages
Ascent - Portable LED Display System - Brochure
john Bronson
No ratings yet
The Future of Video Games
Document2 pages
The Future of Video Games
Giovanni Giorgio
No ratings yet
System Architecture Template
Document8 pages
System Architecture Template
OpticalBoy
No ratings yet
OWASP Code Review Guide-V1 1
Document222 pages
OWASP Code Review Guide-V1 1
jjcmendes
No ratings yet
Capstone Wharton Foundations Business
Document43 pages
Capstone Wharton Foundations Business
Rahul Nair
80% (5)
DFD
Document6 pages
DFD
Amit Bhartiya
100% (1)
FTK InstallGuide
Document21 pages
FTK InstallGuide
Joelson De Souza Farias
No ratings yet
CMD Command
Document17 pages
CMD Command
Swagat Khatai
No ratings yet
Hpe Man DP10.00 Admin PDF
Document14 pages
Hpe Man DP10.00 Admin PDF
Nguyễn Trọng Trường
No ratings yet
FTK InstallGuide
Document18 pages
FTK InstallGuide
Philip Nwachukwu
No ratings yet
Action Details For Cisco IP Communicator 8.6.3.0 in MSI 32 Bit
Document248 pages
Action Details For Cisco IP Communicator 8.6.3.0 in MSI 32 Bit
filipe nachtigal
No ratings yet
TSPSC Group 4 Secretarial Ability Paper 1 (Held in - 2018) English
Document33 pages
TSPSC Group 4 Secretarial Ability Paper 1 (Held in - 2018) English
zeenath salma
No ratings yet
Laboratory Exercise: Bank Information and Item Groups
Document4 pages
Laboratory Exercise: Bank Information and Item Groups
Dong Rosello
No ratings yet
Toshiba
Document156 pages
Toshiba
Joshua Smith
No ratings yet
Career Objective:: Anitha.D
Document2 pages
Career Objective:: Anitha.D
Sankar Ami
No ratings yet
CP
Document1 page
CP
jesudosss
No ratings yet
R&D SDK Project (AUT Uni) Date Who Description Task List Start End Billable Billed Time Hours
Document2 pages
R&D SDK Project (AUT Uni) Date Who Description Task List Start End Billable Billed Time Hours
Joni Pablo
No ratings yet
How To Configure An RSView Data Log Model To Log To A Microsoft Access Database Using ODBC
Document1 page
How To Configure An RSView Data Log Model To Log To A Microsoft Access Database Using ODBC
Aaron Wilzig
100% (2)
SOP For Online Fraud
Document3 pages
SOP For Online Fraud
vikram270693
No ratings yet
Prachi Patil SAP Azure Architect
Document2 pages
Prachi Patil SAP Azure Architect
prachi
No ratings yet
A 560HD-Camera-System
Document4 pages
A 560HD-Camera-System
Fernando Arroyo Sanchez
No ratings yet
Canon Scanners DR M160 Specifications Brochure - Ashx Au PDF
Document2 pages
Canon Scanners DR M160 Specifications Brochure - Ashx Au PDF
Ade Betit
No ratings yet
Errolog Financeiro
Document4 pages
Errolog Financeiro
Jefferson Douglas
No ratings yet
Sns DG PDF
Document241 pages
Sns DG PDF
Aleksandar Sasa Otasevic
No ratings yet
License: 7z Format Lzma SDK Download FAQ Support Links
Document2 pages
License: 7z Format Lzma SDK Download FAQ Support Links
Michail Chatziasemidis
No ratings yet