CVE-2014-3261
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
26/05/2014
Last modified:
12/04/2025
Description
Buffer overflow in the Smart Call Home implementation in Cisco NX-OS on Fabric Interconnects in Cisco Unified Computing System 1.4 before 1.4(1i), NX-OS 5.0 before 5.0(3)U2(2) on Nexus 3000 devices, NX-OS 4.1 before 4.1(2)E1(1l) on Nexus 4000 devices, NX-OS 5.x before 5.1(3)N1(1) on Nexus 5000 devices, NX-OS 5.2 before 5.2(3a) on Nexus 7000 devices, and CG-OS CG4 before CG4(2) on Connected 1000 Connected Grid Routers allows remote SMTP servers to execute arbitrary code via a crafted reply, aka Bug IDs CSCtk00695, CSCts56633, CSCts56632, CSCts56628, CSCug14405, and CSCuf61322.
Impact
Base Score 2.0
7.60
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:cisco:unified_computing_system_6120xp_fabric_interconnect:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:unified_computing_system_6140xp_fabric_interconnect:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:unified_computing_system_6248up_fabric_interconnect:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:unified_computing_system_6296up_fabric_interconnect:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:unified_computing_system_infrastructure_and_unified_computing_system_software:1.4\(1j\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:cg-os:cg4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:cg-os:cg4\(1\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:cgr_1120:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:cgr_1240:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:nx-os:5.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:nx-os:5.2\(1\):*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:nx-os:5.2\(3\):*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:nexus_7000_10-slot:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:nexus_7000_18-slot:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page