Vulnerability in Cisco Nexus_1000v

CVE-2013-1212

The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter commu…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.002 (38.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Nexus_1000v
Cisco Nx-os
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

20130528 Cisco Nexus 1000V VSM to vCenter Communication Man-in-the-Middle Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)