Sign-up

ID

VAR-201405-0171


CVE

CVE-2014-0685


TITLE

VMware for Cisco Nexus 1000V InterCloud In ACL Vulnerability that avoids rejection statements

Trust: 0.8

sources: JVNDB: JVNDB-2014-002407

DESCRIPTION

Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691. The Cisco Nexus Series switches are data center switches. Adopt the Cisco Nexus OS operating system. The Cisco NX-OS Nexus 1000V has security vulnerabilities. Because the access control list lacks support for IGMPv2 and IGMPv3, remote attackers can send IGMPv2 and IGMPv3 communications to bypass the 'deny' statement in the access control list. An attacker can exploit these issues to bypass certain security restrictions. This may aid in further attacks. These issues are being tracked by Cisco BugID CSCug61691. The software provides Cisco Catalyst switch functions such as QoS, ACL and SPAN in a VMware virtualized environment

Trust: 2.52

sources: NVD: CVE-2014-0685 // JVNDB: JVNDB-2014-002407 // CNVD: CNVD-2014-02911 // BID: 67213 // VULHUB: VHN-68178

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-02911

AFFECTED PRODUCTS

vendor:ciscomodel:nexus 1000v intercloudscope:lteversion:5.2\(1\)ic1\(1.2\)

Trust: 1.0

vendor:ciscomodel:nexus 1000v intercloudscope:lteversion:5.2(1)ic1(1.2)

Trust: 0.8

vendor:ciscomodel:nexus intercloud 5.2 ic1scope:eqversion:1000v

Trust: 0.6

vendor:ciscomodel:nexus 1000v intercloudscope:eqversion:5.2\(1\)ic1\(1.2\)

Trust: 0.6

vendor:ciscomodel:nexus intercloud for vmwarescope:eqversion:1000v0

Trust: 0.3

sources: CNVD: CNVD-2014-02911 // BID: 67213 // JVNDB: JVNDB-2014-002407 // CNNVD: CNNVD-201405-094 // NVD: CVE-2014-0685

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0685
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0685
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-02911
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201405-094
value: MEDIUM

Trust: 0.6

VULHUB: VHN-68178
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0685
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-02911
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-68178
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-02911 // VULHUB: VHN-68178 // JVNDB: JVNDB-2014-002407 // CNNVD: CNNVD-201405-094 // NVD: CVE-2014-0685

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-68178 // JVNDB: JVNDB-2014-002407 // NVD: CVE-2014-0685

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201405-094

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201405-094

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002407

PATCH
title:Cisco Nexus 1000V Access Control List Bypass Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685
Trust: 0.8
title:34130url:http://tools.cisco.com/security/center/viewAlert.x?alertId=34130
Trust: 0.8
title:Cisco Nexus 1000V IGMPv2/IGMPv3 Access Control Patch for Defective Security Bypass Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/45482
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-02911 // 
            
            
            
            JVNDB: JVNDB-2014-002407

EXTERNAL IDS
db:NVDid:CVE-2014-0685
Trust: 3.4
db:BIDid:67213
Trust: 1.0
db:JVNDBid:JVNDB-2014-002407
Trust: 0.8
db:CNNVDid:CNNVD-201405-094
Trust: 0.7
db:OSVDBid:106666
Trust: 0.6
db:CNVDid:CNVD-2014-02911
Trust: 0.6
db:CISCOid:20140505 CISCO NEXUS 1000V ACCESS CONTROL LIST BYPASS VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-68178
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-02911 // 
            
            
            
            VULHUB: VHN-68178 // 
            
            
            
            BID: 67213 // 
            
            
            
            JVNDB: JVNDB-2014-002407 // 
            
            
            
            CNNVD: CNNVD-201405-094 // 
            
            
            
            NVD: CVE-2014-0685

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0685
Trust: 2.6
url:http://tools.cisco.com/security/center/viewalert.x?alertid=34130
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0685
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0685
Trust: 0.8
url:http://osvdb.com/show/osvdb/106666
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-02911 // 
            
            
            
            VULHUB: VHN-68178 // 
            
            
            
            BID: 67213 // 
            
            
            
            JVNDB: JVNDB-2014-002407 // 
            
            
            
            CNNVD: CNNVD-201405-094 // 
            
            
            
            NVD: CVE-2014-0685

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 67213

SOURCES
db:CNVDid:CNVD-2014-02911
db:VULHUBid:VHN-68178
db:BIDid:67213
db:JVNDBid:JVNDB-2014-002407
db:CNNVDid:CNNVD-201405-094
db:NVDid:CVE-2014-0685

LAST UPDATE DATE
2025-04-13T23:18:22.947000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-02911date:2014-05-09T00:00:00
db:VULHUBid:VHN-68178date:2014-05-07T00:00:00
db:BIDid:67213date:2014-05-05T00:00:00
db:JVNDBid:JVNDB-2014-002407date:2014-05-08T00:00:00
db:CNNVDid:CNNVD-201405-094date:2014-05-08T00:00:00
db:NVDid:CVE-2014-0685date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-02911date:2014-05-09T00:00:00
db:VULHUBid:VHN-68178date:2014-05-07T00:00:00
db:BIDid:67213date:2014-05-05T00:00:00
db:JVNDBid:JVNDB-2014-002407date:2014-05-08T00:00:00
db:CNNVDid:CNNVD-201405-094date:2014-05-08T00:00:00
db:NVDid:CVE-2014-0685date:2014-05-07T10:55:04.727