CVE-2013-1211

Cisco NX-OS - Privilege Escalation

Title source: llm

Description

Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832.

References (1)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1211

Scores

EPSS 0.0035

EPSS Percentile 57.4%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

cisco/nx-os

Timeline

Published May 29, 2013

Tracked Since Feb 18, 2026