What is the severity of CVE-2014-3261?

CVE-2014-3261 has a high severity rating due to its potential for remote code execution through a buffer overflow.

How do I fix CVE-2014-3261?

To fix CVE-2014-3261, upgrade affected Cisco NX-OS devices to the recommended versions provided in the Cisco security advisory.

What products are affected by CVE-2014-3261?

CVE-2014-3261 affects various Cisco NX-OS devices including the Nexus 3000, 4000, and 5000 series along with the Unified Computing System Fabric Interconnects.

What type of vulnerability is CVE-2014-3261?

CVE-2014-3261 is categorized as a buffer overflow vulnerability in the Smart Call Home functionality.

Can CVE-2014-3261 be exploited remotely?

Yes, CVE-2014-3261 can be exploited remotely, making it critical to apply patches and updates promptly.

Vulnerability/
CVE-2014-3261

high

7.6

CWE

119

24/5/2014

6/8/2024

CVE-2014-3261: Buffer Overflow

First published: Sat May 24 2014(Updated: )

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Unified Computing System 6120xp Fabric Interconnect
Cisco Unified Computing System 6140xp Fabric Interconnect
Cisco UCS 6248UP Fabric Interconnect
Cisco UCS 6296UP Fabric Interconnect
Cisco Unified Computing System	=1.4\(1j\)
Cisco CG-OS	=cg4
Cisco CG-OS	=cg4\(1\)
Cisco 1120 Connected Grid Router
Cisco Aironet AP1240
Cisco NX-OS	=5.2
Cisco NX-OS	=5.2\(1\)
Cisco NX-OS	=5.2\(3\)
Cisco Nexus 7000 Series Switch
Cisco Nexus 7000
Cisco Nexus 7000
Cisco Nexus 7000 9-Slot Firmware
Cisco NX-OS
Cisco NX-OS	=5.0
Cisco NX-OS	=5.0\(2\)
Cisco NX-OS	=5.0\(2\)n1\(1\)
Cisco NX-OS	=5.0\(2\)n2\(1\)
Cisco NX-OS	=5.0\(2\)n2\(1a\)
Cisco NX-OS	=5.0\(2a\)
Cisco NX-OS	=5.0\(3\)
Cisco NX-OS	=5.0\(3\)n1\(1\)
Cisco NX-OS	=5.0\(3\)n1\(1a\)
Cisco NX-OS	=5.0\(3\)n1\(1b\)
Cisco NX-OS	=5.0\(3\)n1\(1c\)
Cisco NX-OS	=5.0\(3\)n2\(1\)
Cisco NX-OS	=5.0\(3\)n2\(2\)
Cisco NX-OS	=5.0\(3\)n2\(2a\)
Cisco NX-OS	=5.0\(3\)n2\(2b\)
Cisco NX-OS	=5.0\(3\)u1\(1a\)
Cisco NX-OS	=5.0\(3\)u1\(1b\)
Cisco NX-OS	=5.0\(3\)u1\(1d\)
Cisco NX-OS	=5.0\(3\)u1\(2\)
Cisco NX-OS	=5.0\(3\)u1\(2a\)
Cisco NX-OS	=5.0\(3\)u2\(1\)
Cisco Nexus 3016Q Firmware
Cisco Nexus 3048 Firmware
Cisco Nexus 3064
Cisco Nexus 3064-X Firmware
Cisco Nexus 3548-X/XL Firmware
Cisco NX-OS	=5.0\(3\)u2\(2\)
Cisco NX-OS	=5.0\(3\)u2\(2a\)
Cisco NX-OS	=5.0\(3\)u2\(2b\)
Cisco NX-OS	=5.0\(3\)u2\(2c\)
Cisco NX-OS	=5.0\(3\)u2\(2d\)
Cisco NX-OS	=5.0\(3\)u3\(1\)
Cisco NX-OS	=5.0\(3\)u3\(2\)
Cisco NX-OS	=5.0\(3\)u3\(2a\)
Cisco NX-OS	=5.0\(3\)u3\(2b\)
Cisco NX-OS	=5.0\(3\)u4\(1\)
Cisco NX-OS	=5.0\(3\)u5\(1\)
Cisco NX-OS	=5.0\(3\)u5\(1a\)
Cisco NX-OS	=5.0\(3\)u5\(1b\)
Cisco NX-OS	=5.0\(3\)u5\(1c\)
Cisco NX-OS	=5.0\(3\)u5\(1d\)
Cisco NX-OS	=5.0\(3\)u5\(1e\)
Cisco NX-OS	=5.0\(5\)
Cisco NX-OS	=5.1
Cisco NX-OS	=5.1\(1\)
Cisco NX-OS	=5.1\(1a\)
Cisco NX-OS	=5.1\(2\)
Cisco NX-OS	=5.1\(3\)
Cisco Nexus 5000 Firmware
Cisco Nexus 5010
Cisco Nexus 5010
Cisco Nexus 5020
Cisco Nexus 5020p Switch
Cisco Nexus 5548P Firmware
Cisco Nexus 5548UP Firmware
Cisco Nexus 5596UP Firmware
Cisco NX-OS	=4.1.\(2\)
Cisco Nexus 4001i

Never miss a vulnerability like this again

Reference Links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140521-nxos

Frequently Asked Questions

What is the severity of CVE-2014-3261?
CVE-2014-3261 has a high severity rating due to its potential for remote code execution through a buffer overflow.
How do I fix CVE-2014-3261?
To fix CVE-2014-3261, upgrade affected Cisco NX-OS devices to the recommended versions provided in the Cisco security advisory.
What products are affected by CVE-2014-3261?
CVE-2014-3261 affects various Cisco NX-OS devices including the Nexus 3000, 4000, and 5000 series along with the Unified Computing System Fabric Interconnects.
What type of vulnerability is CVE-2014-3261?
CVE-2014-3261 is categorized as a buffer overflow vulnerability in the Smart Call Home functionality.
Can CVE-2014-3261 be exploited remotely?
Yes, CVE-2014-3261 can be exploited remotely, making it critical to apply patches and updates promptly.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/references
agent/first-publish-date
agent/event
agent/description
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco unified computing system 6120xp fabric interconnect
canonical/cisco unified computing system 6140xp fabric interconnect
canonical/cisco ucs 6248up fabric interconnect
canonical/cisco ucs 6296up fabric interconnect
canonical/cisco unified computing system
version/cisco unified computing system/1.4\(1j\)
canonical/cisco cg-os
version/cisco cg-os/cg4
version/cisco cg-os/cg4\(1\)
canonical/cisco 1120 connected grid router
canonical/cisco aironet ap1240
canonical/cisco nx-os
version/cisco nx-os/5.2
version/cisco nx-os/5.2\(1\)
version/cisco nx-os/5.2\(3\)
canonical/cisco nexus 7000 series switch
canonical/cisco nexus 7000
canonical/cisco nexus 7000 9-slot firmware
version/cisco nx-os/5.0
version/cisco nx-os/5.0\(2\)
version/cisco nx-os/5.0\(2\)n1\(1\)
version/cisco nx-os/5.0\(2\)n2\(1\)
version/cisco nx-os/5.0\(2\)n2\(1a\)
version/cisco nx-os/5.0\(2a\)
version/cisco nx-os/5.0\(3\)
version/cisco nx-os/5.0\(3\)n1\(1\)
version/cisco nx-os/5.0\(3\)n1\(1a\)
version/cisco nx-os/5.0\(3\)n1\(1b\)
version/cisco nx-os/5.0\(3\)n1\(1c\)
version/cisco nx-os/5.0\(3\)n2\(1\)
version/cisco nx-os/5.0\(3\)n2\(2\)
version/cisco nx-os/5.0\(3\)n2\(2a\)
version/cisco nx-os/5.0\(3\)n2\(2b\)
version/cisco nx-os/5.0\(3\)u1\(1a\)
version/cisco nx-os/5.0\(3\)u1\(1b\)
version/cisco nx-os/5.0\(3\)u1\(1d\)
version/cisco nx-os/5.0\(3\)u1\(2\)
version/cisco nx-os/5.0\(3\)u1\(2a\)
version/cisco nx-os/5.0\(3\)u2\(1\)
canonical/cisco nexus 3016q firmware
canonical/cisco nexus 3048 firmware
canonical/cisco nexus 3064
canonical/cisco nexus 3064-x firmware
canonical/cisco nexus 3548-x/xl firmware
version/cisco nx-os/5.0\(3\)u2\(2\)
version/cisco nx-os/5.0\(3\)u2\(2a\)
version/cisco nx-os/5.0\(3\)u2\(2b\)
version/cisco nx-os/5.0\(3\)u2\(2c\)
version/cisco nx-os/5.0\(3\)u2\(2d\)
version/cisco nx-os/5.0\(3\)u3\(1\)
version/cisco nx-os/5.0\(3\)u3\(2\)
version/cisco nx-os/5.0\(3\)u3\(2a\)
version/cisco nx-os/5.0\(3\)u3\(2b\)
version/cisco nx-os/5.0\(3\)u4\(1\)
version/cisco nx-os/5.0\(3\)u5\(1\)
version/cisco nx-os/5.0\(3\)u5\(1a\)
version/cisco nx-os/5.0\(3\)u5\(1b\)
version/cisco nx-os/5.0\(3\)u5\(1c\)
version/cisco nx-os/5.0\(3\)u5\(1d\)
version/cisco nx-os/5.0\(3\)u5\(1e\)
version/cisco nx-os/5.0\(5\)
version/cisco nx-os/5.1
version/cisco nx-os/5.1\(1\)
version/cisco nx-os/5.1\(1a\)
version/cisco nx-os/5.1\(2\)
version/cisco nx-os/5.1\(3\)
canonical/cisco nexus 5000 firmware
canonical/cisco nexus 5010
canonical/cisco nexus 5020
canonical/cisco nexus 5020p switch
canonical/cisco nexus 5548p firmware
canonical/cisco nexus 5548up firmware
canonical/cisco nexus 5596up firmware
version/cisco nx-os/4.1.\(2\)
canonical/cisco nexus 4001i