CVE-2016-1455

Name of the Vulnerable Software and Affected Versions Cisco NX-OS versions prior to 7.0(3)I2(2e) and 7.0(3)I4(1)

Description The issue is caused by an incorrect iptables local-interface configuration, allowing remote attackers to obtain sensitive information via TCP or UDP traffic. This is due to incorrect filtering of network traffic destined to certain TCP and UDP ports configured on a local interface. An attacker could exploit this by connecting to the affected device on one of the exposed TCP or UDP ports, potentially discovering sensitive data that could be used for further attacks.

Recommendations For Cisco NX-OS versions prior to 7.0(3)I2(2e) and 7.0(3)I4(1), update to the latest software version that addresses this issue, such as 7.0(3)I2(2e) or 7.0(3)I4(1) and later. As a temporary workaround, consider restricting access to the exposed TCP and UDP ports to minimize the risk of exploitation.