CVE-2007-1257

{"id": "CVE-2007-1257", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-03-03T20:19:00.000", "references": [{"url": "http://osvdb.org/33066", "source": "[email protected]"}, {"url": "http://secunia.com/advisories/24344", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://www.kb.cert.org/vuls/id/472412", "tags": ["US Government Resource"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/22751", "source": "[email protected]"}, {"url": "http://www.securitytracker.com/id?1017710", "source": "[email protected]"}, {"url": "http://www.vupen.com/english/advisories/2007/0783", "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750", "source": "[email protected]"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188", "source": "[email protected]"}, {"url": "http://osvdb.org/33066", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/24344", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/472412", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/22751", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1017710", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/0783", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32750", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5188", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address."}, {"lang": "es", "value": "El M\u00f3dulo Network Analysis (NAM) del Cisco Catalyst Series 6000, 6500 y 7600 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n mediante ciertos paquetes SNMP que son simulados desde la propia direcci\u00f3n IP del NAM."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:network_analysis_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD82BCCE-F68A-48A5-B484-98D9C3024E3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A2AF1C7-23EB-4C13-AC71-4FA7E78E8ED7"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2C1E3F7-D48E-4AF1-8205-33EB71E09E09"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6000_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2DF345D-AD8A-4DE6-8136-6EF7B011E4B1"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC58B690-8D30-4A04-82AA-A827F87DEE02"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41491D13-A3F9-464A-A84B-A58320838CBD"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD4D3F34-A1B3-4469-BF21-666FDAE9198B"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-1:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B64454B8-75A5-4A63-A4DC-ECA17CFBCD7E"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-svc-nam-2:2.2\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19A1FA93-21B3-4CD4-8A62-C66D82CFB2D5"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600_ws-x6380-nam:3.1\\(1a\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32583745-9640-4032-B1E1-598ABB4E89A0"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://www.cisco.com/warp/public/707/cisco-sa-20070228-nam.shtml#@ID\r\n\r\n\"Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects systems that run Internetwork Operating System (IOS) or Catalyst Operating System (CatOS). \"", "sourceIdentifier": "[email protected]"}