Vulnerabilities > CVE-2015-4277 - Resource Management Errors vulnerability in Cisco Nx-Os 5.1.3/5.3.0

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
cisco
CWE-399
NVD
Published: 2015-08-19
Updated: 2017-09-21

Summary

The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.

Vulnerable Configurations

Part Description Count
OS
Cisco
2
Hardware
Cisco
11

Common Weakness Enumeration (CWE)

References