Cisco Nexus 1000V Vulnerability in SSL Certificate Verification
CVE-2013-1212

Currently unrated

Key Information:

Vendor: Cisco
Status: Nx-os; Nexus 1000v
Vendor: CVE Published:; 29 May 2013

Summary

The SSL functionality in Cisco Nexus 1000V has a flaw that fails to properly validate X.509 certificates. This vulnerability can be exploited by man-in-the-middle attackers, allowing them to impersonate servers. As a result, they can intercept or modify communication between the Virtual Supervisor Module (VSM) and VMware vCenter by presenting a crafted certificate. This issue emphasizes the need for robust certificate validation to maintain secure communication channels.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 29, 2013