CVE-2016-1455

Published on: 10/05/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:04 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Certain versions of Nexus 93128 from Cisco contain the following vulnerability:

Cisco NX-OS before 7.0(3)I2(2e) and 7.0(3)I4 before 7.0(3)I4(1) has an incorrect iptables local-interface configuration, which allows remote attackers to obtain sensitive information via TCP or UDP traffic, aka Bug ID CSCuz05365.

  • CVE-2016-1455 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH NONE NONE

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
Cisco Nexus 9000 NX-OS iptables Configuration Error Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036957
Cisco Nexus 9000 Information Disclosure Vulnerability Vendor Advisory
tools.cisco.com
text/html
URL Logo CISCO 20161005 Cisco Nexus 9000 Information Disclosure Vulnerability
Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability cve.report (archive)
text/html
URL Logo BID 93415

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareCiscoNexus 93128-AllAllAll
HardwareCiscoNexus 93128-AllAllAll
HardwareCiscoNexus 9396px-AllAllAll
HardwareCiscoNexus 9396px-AllAllAll
HardwareCiscoNexus 9396tx-AllAllAll
HardwareCiscoNexus 9396tx-AllAllAll
HardwareCiscoNexus 9504-AllAllAll
HardwareCiscoNexus 9504-AllAllAll
HardwareCiscoNexus 9508-AllAllAll
HardwareCiscoNexus 9508-AllAllAll
HardwareCiscoNexus 9516-AllAllAll
HardwareCiscoNexus 9516-AllAllAll
HardwareCiscoNexus N9336pq-AllAllAll
HardwareCiscoNexus N9336pq-AllAllAll
ApplicationCiscoNx-os7.0\(3\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1a\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1b\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(2\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1a\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1b\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(1\)AllAllAll
ApplicationCiscoNx-os7.0\(3\)i1\(2\)AllAllAll
  • cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_93128:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_n9336pq:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_n9336pq:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(2\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1a\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1b\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(1\):*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:nx-os:7.0\(3\)i1\(2\):*:*:*:*:*:*:*: