CVE-2014-3261

Summary

CVE	CVE-2014-3261
State	PUBLISHED
Assigner	cisco
Source Priority	CVE Program / NVD first with legacy fallback
Published	2014-05-26 00:25:32 UTC
Updated	2026-05-06 22:30:45 UTC
Description	Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.

Risk And Classification

Primary CVSS: v2.0 7.6 from [email protected]

AV:N/AC:H/Au:N/C:C/I:C/A:C

Problem Types: CWE-119 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

High

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:N/AC:H/Au:N/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Cisco	Cg-os	cg4	All	All	All
Operating System	Cisco	Cg-os	cg4\(1\)	All	All	All
Hardware	Cisco	Cgr 1120	-	All	All	All
Hardware	Cisco	Cgr 1240	-	All	All	All
Hardware	Cisco	Nexus 7000	-	All	All	All
Hardware	Cisco	Nexus 7000 10-slot	-	All	All	All
Hardware	Cisco	Nexus 7000 18-slot	-	All	All	All
Hardware	Cisco	Nexus 7000 9-slot	-	All	All	All
Operating System	Cisco	Nx-os	-	All	All	All
Operating System	Cisco	Nx-os	5.0	All	All	All
Operating System	Cisco	Nx-os	5.0\(2a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(2\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(2\)n1\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(2\)n2\(1a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(2\)n2\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n1\(1a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n1\(1b\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n1\(1c\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n1\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n2\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n2\(2a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n2\(2b\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)n2\(2\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u1\(1a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u1\(1b\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u1\(1d\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u1\(2a\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u1\(2\)	All	All	All
Operating System	Cisco	Nx-os	5.0\(3\)u2\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.2	All	All	All
Operating System	Cisco	Nx-os	5.2\(1\)	All	All	All
Operating System	Cisco	Nx-os	5.2\(3\)	All	All	All
Hardware	Cisco	Unified Computing System 6120xp Fabric Interconnect	-	All	All	All
Hardware	Cisco	Unified Computing System 6140xp Fabric Interconnect	-	All	All	All
Hardware	Cisco	Unified Computing System 6248up Fabric Interconnect	-	All	All	All
Hardware	Cisco	Unified Computing System 6296up Fabric Interconnect	-	All	All	All
Operating System	Cisco	Unified Computing System Infrastructure And Unified Computing System Software	1.4\(1j\)	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Products	af854a3a-2127-422b-91ae-364da2661108	tools.cisco.com	Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.