Buffer overflow in Cisco Mds_9000

CVE-2012-1340

The Fibre Channel over IP (FCIP) implementation in Cisco MDS NX-OS 4.2 and 5.2 on MDS 9000 series switches allows remote attackers to cause a denial of service (module reload) via a crafted FCIP header, aka Bug ID CSCtn93151.

Vulnerability class: Buffer Overflow

EPSS: 0.007 (72.0th percentile) — read the EPSS interpretation.

Affected products

Cisco Mds_9000
Cisco Mds_9000_nx-os — versions 4.2, 5.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1027348 (vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)