CVE-2013-1208
First published: Wed May 29 2013(Updated: )
The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers to intercept or modify network traffic by leveraging certain Layer 2 or Layer 3 access, aka Bug ID CSCud14691.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | ||
| Cisco Nexus 1000V for Hyper-V |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1208?
CVE-2013-1208 is classified as a high severity vulnerability due to its potential to allow remote attackers to intercept or modify network traffic.
How do I fix CVE-2013-1208?
To mitigate CVE-2013-1208, it's recommended to upgrade to a fixed version of Cisco NX-OS as provided by Cisco's security advisory.
What are the consequences of CVE-2013-1208?
The consequences of CVE-2013-1208 include unauthorized interception or modification of network traffic between the VSM and VEM.
Which software is affected by CVE-2013-1208?
CVE-2013-1208 affects Cisco NX-OS, specifically version running on the Nexus 1000V.
Can CVE-2013-1208 be exploited remotely?
Yes, CVE-2013-1208 can be exploited remotely if the attacker has access to certain Layer 2 or Layer 3 networks.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- canonical/cisco nexus 1000v for hyper-v