CVE-2013-1211
First published: Wed May 29 2013(Updated: )
Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco NX-OS | ||
| Cisco Nexus 1000 Virtual Edge |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2013-1211?
CVE-2013-1211 has a medium severity rating due to its potential to allow remote access through spoofed packets.
How do I fix CVE-2013-1211?
To fix CVE-2013-1211, upgrade to the latest version of Cisco NX-OS that addresses this vulnerability.
Who is affected by CVE-2013-1211?
CVE-2013-1211 affects users of Cisco NX-OS on the Nexus 1000V in environments utilizing Virtual Ethernet Modules.
What type of attacks can exploit CVE-2013-1211?
CVE-2013-1211 can be exploited via spoofed STUN packets or through a crafted VMware ESXi instance.
Is there a workaround for CVE-2013-1211?
Currently, the recommended approach for CVE-2013-1211 is to apply the security updates provided by Cisco.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco nx-os
- canonical/cisco nexus 1000 virtual edge