The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter communication, via a crafted certificate, aka Bug ID CSCud14837.
CVSS v2.0 Score
5.8
/ 10.0
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Information
- Published
- 29 mai 2013
- Updated
- 29 avr. 2026
- Status
- Modified
- Source
- psirt@cisco.com
Affected products
cisco nx-os
cisco nexus 1000v
Weaknesses (CWE)
CWE-310
References (2)
Similar CVEs
Other vulnerabilities of type CWE-310
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.