Vulnerability Description
Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 7.0\(3\) |
| Cisco | Nexus 93128 | - |
| Cisco | Nexus 9396Px | - |
| Cisco | Nexus 9396Tx | - |
| Cisco | Nexus 9504 | - |
| Cisco | Nexus 9508 | - |
| Cisco | Nexus 9516 | - |
| Cisco | Nexus N9336Pq | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/93415
- http://www.securitytracker.com/id/1036957
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securityfocus.com/bid/93415
- http://www.securitytracker.com/id/1036957
FAQ
What is CVE-2016-1455?
CVE-2016-1455 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP tr...
How severe is CVE-2016-1455?
CVE-2016-1455 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-1455?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 93128, Cisco Nexus 9396Px, Cisco Nexus 9396Tx, Cisco Nexus 9504.