Vulnerability Details : CVE-2014-0685
Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691.
Exploit prediction scoring system (EPSS) score for CVE-2014-0685
Probability of exploitation activity in the next 30 days: 0.20%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-0685
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-0685
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0685
-
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685
Cisco Nexus 1000V Access Control List Bypass VulnerabilityVendor Advisory
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=34130
Cisco Nexus 1000V Access Control List Bypass VulnerabilityVendor Advisory
Products affected by CVE-2014-0685
- Cisco » Cisco Nexus 1000v Intercloud » For VmwareVersions up to, including, (<=) 5.2\(1\)ic1\(1.2\)cpe:2.3:a:cisco:cisco_nexus_1000v_intercloud:*:*:*:*:*:vmware:*:*