Vulnerability Name:

CVE-2007-5134 (CCN-36826)

Assigned:2007-09-26
Published:2007-09-26
Updated:2017-07-29
Summary:Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended.
CVSS v3 Severity:4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
3.3 Low (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:P/A:N)
2.4 Low (CCN Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-264
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2007-5134

Source: FULLDISC
Type: UNKNOWN
20070927 Re: CAT6500 accessible via 127.0.0.x loopback addresses

Source: CCN
Type: SA26988
Cisco Catalyst 6500 / Cisco 7600 Series Devices Accessible Loopback Address Weakness

Source: SECUNIA
Type: UNKNOWN
26988

Source: CCN
Type: SECTRACK ID: 1018742
Cisco Catalyst 6500 May Let Remote Users Bypass ACLs Using Loopback Addresses

Source: SECTRACK
Type: UNKNOWN
1018742

Source: CCN
Type: SECTRACK ID: 1018743
Cisco 7600 May Let Remote Users Bypass ACLs Using Loopback Addresses

Source: CCN
Type: cisco-sr-20070926-lb
Catalyst 6500 and Cisco 7600 Series Devices Accessible via Loopback Address

Source: CISCO
Type: Patch
20070926 Catalyst 6500 and Cisco 7600 Series Devices Accessible via Loopback Address

Source: CCN
Type: OSVDB ID: 37504
Cisco Catalyst 6500 / 7600 Series EOBC Local Interface Weakness

Source: BID
Type: Exploit
25822

Source: CCN
Type: BID-25822
Cisco Catalyst 6500 and Cisco 7600 Loopback Access Control Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018743

Source: VUPEN
Type: UNKNOWN
ADV-2007-3276

Source: XF
Type: UNKNOWN
cisco-catalyst-loopback-acl-bypass(36826)

Source: XF
Type: UNKNOWN
cisco-catalyst-loopback-acl-bypass(36826)

Vulnerable Configuration:Configuration 1:
  • cpe:/h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-x6380-nam:2.1(2):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-x6380-nam:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:*:*:sup2_msfc2:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-x6380-nam:2.1(2):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-x6380-nam:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:catos:5.4(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:catos:7.5(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:catos:7.6(1):*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:cisco:catalyst:6500:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst:7600:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-x6380-nam:2.1(2):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6500_ws-x6380-nam:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:2.2(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-x6380-nam:2.1(2):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600_ws-x6380-nam:3.1(1a):*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:::sup720_msfc3:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_7600:::sup2_msfc2:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco catalyst 6500 *
    cisco catalyst 6500 ws-svc-nam-1 2.2(1a)
    cisco catalyst 6500 ws-svc-nam-1 3.1(1a)
    cisco catalyst 6500 ws-svc-nam-2 2.2(1a)
    cisco catalyst 6500 ws-svc-nam-2 3.1(1a)
    cisco catalyst 6500 ws-x6380-nam 2.1(2)
    cisco catalyst 6500 ws-x6380-nam 3.1(1a)
    cisco catalyst 7600 *
    cisco catalyst 7600 *
    cisco catalyst 7600 *
    cisco catalyst 7600 ws-svc-nam-1 2.2(1a)
    cisco catalyst 7600 ws-svc-nam-1 3.1(1a)
    cisco catalyst 7600 ws-svc-nam-2 2.2(1a)
    cisco catalyst 7600 ws-svc-nam-2 3.1(1a)
    cisco catalyst 7600 ws-x6380-nam 2.1(2)
    cisco catalyst 7600 ws-x6380-nam 3.1(1a)
    cisco catos 5.4(1)
    cisco catos 7.5(1)
    cisco catos 7.6(1)
    cisco catalyst 6500
    cisco catalyst 7600
    cisco catalyst 6500 ws-svc-nam-1 2.2(1a)
    cisco catalyst 6500 ws-svc-nam-1 3.1(1a)
    cisco catalyst 6500 ws-svc-nam-2 2.2(1a)
    cisco catalyst 6500 ws-svc-nam-2 3.1(1a)
    cisco catalyst 6500 ws-x6380-nam 2.1(2)
    cisco catalyst 6500 ws-x6380-nam 3.1(1a)
    cisco catalyst 7600 ws-svc-nam-1 2.2(1a)
    cisco catalyst 7600 ws-svc-nam-1 3.1(1a)
    cisco catalyst 7600 ws-svc-nam-2 2.2(1a)
    cisco catalyst 7600 ws-svc-nam-2 3.1(1a)
    cisco catalyst 7600 ws-x6380-nam 2.1(2)
    cisco catalyst 7600 ws-x6380-nam 3.1(1a)
    cisco catalyst 7600
    cisco catalyst 7600