CVE-2013-1211

Name of the Vulnerable Software and Affected Versions Cisco NX-OS on the Nexus 1000V (affected versions not specified)

Description The issue is related to insufficient authentication between a Virtual Ethernet Module (VEM) and a Virtual Supervisor Module (VSM) in Cisco Nexus 1000V. This allows remote attackers to obtain VEM access via spoofed STUN packets or a crafted VMware ESXi instance. An attacker could exploit this by using STUN protocol packets or setting up a rogue ESXi instance to gain control over a VEM. The vulnerability may require access to a trusted, internal network to successfully exploit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.