Vulnerabilities > CVE-2011-4023 - Resource Management Errors vulnerability in Cisco products

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2012-05-03

Updated: 2018-10-30

Summary

Memory leak in libcmd in Cisco NX-OS 5.0 on Nexus switches allows remote authenticated users to cause a denial of service (memory consumption) via SNMP requests, aka Bug ID CSCtr65682.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco NX OS 5.0 Cisco NX OS 5.0\(2\) Cisco NX OS 5.0\(2\)N1\(1\) Cisco NX OS 5.0\(2\)N2\(1\) Cisco NX OS 5.0\(2\)N2\(1A\) Cisco NX OS 5.0\(2A\) Cisco NX OS 5.0\(3\) Cisco NX OS 5.0\(3\)N1\(1\) Cisco NX OS 5.0\(3\)N1\(1A\) Cisco NX OS 5.0\(3\)N1\(1B\) Cisco NX OS 5.0\(3\)N1\(1C\) Cisco NX OS 5.0\(3\)N2\(1\) Cisco NX OS 5.0\(3\)N2\(2\) Cisco NX OS 5.0\(3\)N2\(2A\) Cisco NX OS 5.0\(3\)N2\(2B\) Cisco NX OS 5.0\(5\)	16
Hardware	Cisco Cisco Nexus 2148T FEX Switch - Cisco Nexus 2224Tp FEX Switch - Cisco Nexus 2232Pp FEX Switch - Cisco Nexus 2232Tm FEX Switch - Cisco Nexus 2248Tp E FEX Switch - Cisco Nexus 2248Tp FEX Switch - Cisco Nexus 5010P Switch - Cisco Nexus 5020P Switch - Cisco Nexus 5548P - Cisco Nexus 5548Up - Cisco Nexus 5596Up -	11

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/release/notes/Rel_5_0_3_N2_1/Nexus5000_Release_Notes_5_0_3_N2.html