Improper input validation in Cisco Nexus_1000v
CVE-2013-3400
The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.003 (52.5th percentile) — read the EPSS interpretation.
Affected products
- Cisco Nexus_1000v
- Cisco Nx-os
- N/a — versions n/a
Weakness classification (CWE)
References
- 1028763 (vdb-entry, x_refsource_SECTRACK)
- 20130709 Cisco Nexus 1000V License Installation Command Injection Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)