CVE-2016-1455

Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
cisconx-os
7.0\(3\)
cisconx-os
7.0\(3\)i1\(1\)
cisconx-os
7.0\(3\)i1\(1a\)
cisconx-os
7.0\(3\)i1\(1b\)
cisconx-os
7.0\(3\)i1\(2\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo
http://www.securityfocus.com/bid/93415
http://www.securitytracker.com/id/1036957
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo
http://www.securityfocus.com/bid/93415
http://www.securitytracker.com/id/1036957