CVE-2007-1257

Cisco Network Analysis Module - Remote Code Execution via Spoofed SNMP Packets

Title source: llm
STIX 2.1

Description

The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address.

References (9)

Core 9
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/472412
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0783
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24344
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22751
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/33066
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1017710

Scores

EPSS 0.0681
EPSS Percentile 93.3%

Details

CWE
CWE-20
Status published
Products (10)
cisco/catalyst_6000_ws-svc-nam-1 2.2\(1a\)
cisco/catalyst_6000_ws-svc-nam-2 2.2\(1a\)
cisco/catalyst_6000_ws-x6380-nam 3.1\(1a\)
cisco/catalyst_6500_ws-svc-nam-1 2.2\(1a\)
cisco/catalyst_6500_ws-svc-nam-2 2.2\(1a\)
cisco/catalyst_6500_ws-x6380-nam 3.1\(1a\)
cisco/catalyst_7600_ws-svc-nam-1 2.2\(1a\)
cisco/catalyst_7600_ws-svc-nam-2 2.2\(1a\)
cisco/catalyst_7600_ws-x6380-nam 3.1\(1a\)
cisco/network_analysis_module
Published Mar 03, 2007
Tracked Since Feb 18, 2026