Guest

Preview Tool

Cisco Bug: CSCur05017 - N5K/N6K evaluation for CVE-2014-6271 and CVE-2014-7169

Last Modified

May 23, 2018

Products (12)

  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 5596UP Switch
  • Cisco Nexus 5548P Switch
  • Cisco Nexus 6004 Switch
  • Cisco Nexus 5020 Switch
  • Cisco Nexus 6001 Switch
  • Cisco Nexus 5672UP Switch
  • Cisco Nexus 5548UP Switch
  • Cisco Nexus 5696Q Switch
  • Cisco Nexus 56128P Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

5.2(1)N1(8a) 6.0(2)N2(5) 7.0(3)N1(0.1) 7.0(3)N1(0.125) 7.0(4)N1(1) 7.1(0)N1(0.349)

Description (partial)

Symptom:
Symptoms:
The N5k/N6K product family includes a version of bash that is affected by the vulnerabilities
identified by the Common Vulnerability and Exposures (CVE) IDs:
 
CVE-2014-6271
CVE-2014-7169

This bug has been opened to address the potential impact on this product.

All current versions of NX-OS on this platform are affected unless otherwise stated..  This bug will be updated with detailed affected and fixed software versions once fixed software is available.
Exposure is not configuration dependent.
Authentication is required to exploit this vulnerability.

Conditions:
Conditions:

Telnet, SSH, HTTP (feature http-server) are attack vectors.

A user must first successfully log in and authenticate via SSH to trigger this vulnerability.
Exposure is not configuration dependant.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.