CVE-2013-1178
Cisco NX-OS - Remote Code Execution via Malformed CDP Packets
Title source: llmDescription
Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-nxosmulti
Scores
EPSS
0.0137
EPSS Percentile
68.7%
Details
CWE
CWE-119
Status
published
Products (50)
cisco/cg-os
cg1
cisco/cg-os
cg2
cisco/cg-os
cg3
cisco/cg-os
< cg4
cisco/connected_grid_router_1000
cisco/mds_9000
cisco/nexus_1000v
cisco/nexus_3000
cisco/nexus_3016q
cisco/nexus_3048
... and 40 more
Published
Apr 25, 2013
Tracked Since
Feb 18, 2026