Vulnerability Description
Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and 5.x before 5.1(3)N1(1), Nexus 4000 devices before 4.1(2)E1(1h), Nexus 3000 devices 5.x before 5.0(3)U3(1), Nexus 1000V devices 4.x before 4.2(1)SV1(5.1), MDS 9000 devices 4.x and 5.x before 5.2(4), Unified Computing System (UCS) 6100 and 6200 devices before 2.0(2m), and Connected Grid Router (CGR) 1000 devices before CG4(1) allow remote attackers to execute arbitrary code via malformed CDP packets, aka Bug IDs CSCtu10630, CSCtu10551, CSCtu10550, CSCtw56581, CSCtu10548, CSCtu10544, and CSCuf61275.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 4.0 |
| Cisco | Nexus 7000 | - |
| Cisco | Nexus 7000 10-Slot | - |
| Cisco | Nexus 7000 18-Slot | - |
| Cisco | Nexus 7000 9-Slot | - |
| Cisco | Mds 9000 | All versions |
| Cisco | Nexus 5000 | - |
| Cisco | Nexus 5010 | - |
| Cisco | Nexus 5020 | - |
| Cisco | Nexus 5548P | - |
| Cisco | Nexus 5548Up | - |
| Cisco | Nexus 5596Up | - |
| Cisco | Nexus 4001I | - |
| Cisco | Nexus 3000 | All versions |
| Cisco | Nexus 3016Q | - |
| Cisco | Nexus 3048 | - |
| Cisco | Nexus 3064T | - |
| Cisco | Nexus 3064X | - |
| Cisco | Nexus 3548 | - |
| Cisco | Nexus 1000V | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
FAQ
What is CVE-2013-1178?
CVE-2013-1178 is a vulnerability with a CVSS score of 8.3 (HIGH). Multiple buffer overflows in the Cisco Discovery Protocol (CDP) implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(4) and 6.x before 6.1(1), Nexus 5000 and 5500 devices 4.x and...
How severe is CVE-2013-1178?
CVE-2013-1178 has been rated HIGH with a CVSS base score of 8.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1178?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 7000, Cisco Nexus 7000 10-Slot, Cisco Nexus 7000 18-Slot, Cisco Nexus 7000 9-Slot.