7.6

CVE-2014-3261

Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Data is provided by the National Vulnerability Database (NVD)
CiscoCg-os Versioncg4
CiscoCgr 1120 Version-
CiscoCgr 1240 Version-
CiscoNx-os Version5.2
CiscoNexus 7000 Version-
CiscoNexus 7000 10-slot Version-
CiscoNexus 7000 18-slot Version-
CiscoNexus 7000 9-slot Version-
CiscoNx-os Version-
CiscoNx-os Version5.0
CiscoNexus 3016q Version-
CiscoNexus 3048 Version-
CiscoNexus 3064t Version-
CiscoNexus 3064x Version-
CiscoNexus 3548 Version-
CiscoNx-os Version5.0
CiscoNx-os Version5.1
CiscoNexus 5000 Version-
CiscoNexus 5010 Version-
CiscoNexus 5010p Switch Version-
CiscoNexus 5020 Version-
CiscoNexus 5020p Switch Version-
CiscoNexus 5548p Version-
CiscoNexus 5548up Version-
CiscoNexus 5596up Version-
CiscoNexus 4001i Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.82% 0.721
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.6 4.9 10
AV:N/AC:H/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.