CVE-2013-5556

The license-installation module on the Cisco Nexus 1000V switch 4.2(1)SV1(5.2b) and earlier for VMware vSphere, Cisco Nexus 1000V switch 5.2(1)SM1(5.1) for Microsoft Hyper-V, and Cisco Virtual Security Gateway 4.2(1)VSG1(1) for Nexus 1000V switches allows local users to gain privileges and execute arbitrary commands via crafted "install all iso" arguments, aka Bug ID CSCui21340.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
VendorProductVersion
cisconexus_1000v
4.2\(1\)vsg1\(1\)
cisconexus_1000v
5.2\(1\)sm1\(5.1\)
cisconexus_1000v
𝑥
≤ 4.2\(1\)sv1\(5.2b\)
cisconexus_1000v
4.2\(1\)_sv1\(4\)
cisconexus_1000v
4.2\(1\)_sv1\(4a\)
cisconexus_1000v
4.2\(1\)_sv1\(4b\)
cisconexus_1000v
4.2\(1\)sv1\(5.1\)
cisconexus_1000v
4.2\(1\)sv1\(5.1a\)
cisconexus_1000v
4.2\(1\)sv1\(5.2\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5556
http://tools.cisco.com/security/center/viewAlert.x?alertId=31774
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5556
http://tools.cisco.com/security/center/viewAlert.x?alertId=31774