CVE-2007-1257

The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/33066
http://secunia.com/advisories/24344	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml	Vendor Advisory
http://www.kb.cert.org/vuls/id/472412	US Government Resource
http://www.securityfocus.com/bid/22751
http://www.securitytracker.com/id?1017710
http://www.vupen.com/english/advisories/2007/0783
https://exchange.xforce.ibmcloud.com/vulnerabilities/32750
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188

Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\(1a\):::::::*
	cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\(1a\):::::::*

History

No history.

Information

Published : 2007-03-03 20:19

Updated : 2017-10-11 01:31

NVD link : CVE-2007-1257

Mitre link : CVE-2007-1257

CVE.ORG link : CVE-2007-1257

JSON object : View

Products Affected

cisco

catalyst_6000_ws-x6380-nam
network_analysis_module
catalyst_6000_ws-svc-nam-1
catalyst_6000_ws-svc-nam-2
catalyst_6500_ws-svc-nam-1
catalyst_6500_ws-svc-nam-2
catalyst_7600_ws-svc-nam-1
catalyst_7600_ws-x6380-nam
catalyst_7600_ws-svc-nam-2
catalyst_6500_ws-x6380-nam

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2007-1257", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-03-03T20:19:00.000", "references": [{"url": "http://osvdb.org/33066", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24344", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/472412", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/22751", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017710", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/0783", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address."}, {"lang": "es", "value": "El M\u00f3dulo Network Analysis (NAM) del Cisco Catalyst Series 6000, 6500 y 7600 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante ciertos paquetes SNMP que son simulados desde la propia direcci\u00f3n IP del NAM."}], "lastModified": "2017-10-11T01:31:48.097", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD82BCCE-F68A-48A5-B484-98D9C3024E3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A2AF1C7-23EB-4C13-AC71-4FA7E78E8ED7"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C1E3F7-D48E-4AF1-8205-33EB71E09E09"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2DF345D-AD8A-4DE6-8136-6EF7B011E4B1"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC58B690-8D30-4A04-82AA-A827F87DEE02"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41491D13-A3F9-464A-A84B-A58320838CBD"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4D3F34-A1B3-4469-BF21-666FDAE9198B"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B64454B8-75A5-4A63-A4DC-ECA17CFBCD7E"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19A1FA93-21B3-4CD4-8A62-C66D82CFB2D5"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32583745-9640-4032-B1E1-598ABB4E89A0"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml#@ID\r\n\r\n\"Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). \"", "sourceIdentifier": "cve@mitre.org"}