Vulnerability Description
Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Nexus 1000V Intercloud | <= 5.2\(1\)ic1\(1.2\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34130Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34130Vendor Advisory
FAQ
What is CVE-2014-0685?
CVE-2014-0685 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691.
How severe is CVE-2014-0685?
CVE-2014-0685 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0685?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Cisco Nexus 1000V Intercloud.