Test ID:	1.3.6.1.4.1.25623.1.0.106338
Category:	CISCO
Title:	Cisco Nexus 9000 Information Disclosure Vulnerability (cisco-sa-20161005-n9kinfo)
Summary:	A vulnerability in the internal iptables configuration for; local interfaces on the Cisco Nexus 9000 Series Switch could allow an unauthenticated, remote; attacker to access certain sensitive data. The attacker could use this information to conduct; additional reconnaissance attacks.
Description:	Summary: A vulnerability in the internal iptables configuration for local interfaces on the Cisco Nexus 9000 Series Switch could allow an unauthenticated, remote attacker to access certain sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. Vulnerability Insight: The vulnerability is due to incorrect filtering of network traffic destined to certain TCP and UDP ports configured on a local interface. An attacker could exploit this vulnerability by connecting to the affected device on one of the exposed TCP or UDP ports. Vulnerability Impact: An exploit could allow the attacker to discover certain sensitive data which should be restricted and could be used to conduct further attacks. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1455 BugTraq ID: 93415 http://www.securityfocus.com/bid/93415 Cisco Security Advisory: 20161005 Cisco Nexus 9000 Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-n9kinfo http://www.securitytracker.com/id/1036957
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.