CISCO : Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.105714

Category: CISCO

Title: Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)

Summary: A vulnerability in Cisco Nexus 7000 Series Switches could allow; an authenticated, local attacker to cause a denial of service (DoS) condition on an affected; device.

Description: Summary:
A vulnerability in Cisco Nexus 7000 Series Switches could allow
an authenticated, local attacker to cause a denial of service (DoS) condition on an affected
device.

Vulnerability Insight:
The vulnerability is due to an error in input validation for
the sed command. An attacker could exploit this vulnerability by passing crafted input to the sed
command.

Vulnerability Impact:
An exploit could allow the attacker to cause a DoS condition.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:S/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2014-0684
Cisco Security Advisory: 20140505 Cisco Nexus 7000 Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0684

Copyright Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.105714
Category:	CISCO
Title:	Cisco Nexus 7000 Denial of Service Vulnerability (Cisco-SA-20140506-CVE-2014-0684)
Summary:	A vulnerability in Cisco Nexus 7000 Series Switches could allow; an authenticated, local attacker to cause a denial of service (DoS) condition on an affected; device.
Description:	Summary: A vulnerability in Cisco Nexus 7000 Series Switches could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. Vulnerability Insight: The vulnerability is due to an error in input validation for the sed command. An attacker could exploit this vulnerability by passing crafted input to the sed command. Vulnerability Impact: An exploit could allow the attacker to cause a DoS condition. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0684 Cisco Security Advisory: 20140505 Cisco Nexus 7000 Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0684
Copyright	Copyright (C) 2016 Greenbone Networks GmbH