Vulnerabilities > CVE-2015-6277 - Resource Management Errors vulnerability in Cisco products

CVSS 6.1 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

low complexity

cisco

CWE-399

NVD

Published: 2015-09-02

Updated: 2017-09-20

Summary

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco NX OS 7.3\(0\)Zd\(0.47\) Cisco NX OS 4.1\(2\)E1 Cisco NX OS 7.0\(0\)Hsk\(0.353\) Cisco NX OS 7.3\(0\)Zd\(0.61\) Cisco SAN OS 7.0\(0\)Hsk\(0.353\)	5
Hardware	Cisco Cisco Nexus 3000 - Cisco Nexus 4000 - Cisco MDS 9000 - Cisco Nexus 9000 -	4
Application	Cisco Cisco 1000V 5.2\(1\)Sv3\(1.4\)	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References