Memory Leak in Cisco Unified Computing System 6100 Fabric Interconnect Devices
CVE-2013-3467

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Computing System 6120xp Fabric Interconnect; Unified Computing System 6140xp Fabric Interconnect
Vendor: CVE Published:; 30 August 2013

What is CVE-2013-3467?

The vulnerability presents a memory leak in the CLI component of Cisco's Unified Computing System 6100 Fabric Interconnect devices. In specific scenarios where a SPAN session is not configured, local users can exploit this vulnerability by executing the commands 'show monitor session all' or 'show monitor session'. This can lead to significant memory consumption, potentially causing denial of service by resetting the affected device.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/62065

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1028960

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 30, 2013
Vulnerability Reserved
May 6, 2013