Vulnerabilities > CVE-2016-1465 - Resource Management Errors vulnerability in Cisco Nx-Os

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

cisco

CWE-399

NVD

Published: 2016-07-28

Updated: 2017-09-01

Summary

Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco NX OS 4.0\(4\)Sv1\(1\) Cisco NX OS 4.0\(4\)Sv1\(2\) Cisco NX OS 4.0\(4\)Sv1\(3\) Cisco NX OS 4.0\(4\)Sv1\(3A\) Cisco NX OS 4.0\(4\)Sv1\(3B\) Cisco NX OS 4.0\(4\)Sv1\(3C\) Cisco NX OS 4.0\(4\)Sv1\(3D\) Cisco NX OS 4.2\(1\)Sv1\(4\) Cisco NX OS 4.2\(1\)Sv1\(4A\) Cisco NX OS 4.2\(1\)Sv1\(4B\) Cisco NX OS 4.2\(1\)Sv1\(5.1\) Cisco NX OS 4.2\(1\)Sv1\(5.1A\) Cisco NX OS 4.2\(1\)Sv1\(5.2\) Cisco NX OS 4.2\(1\)Sv1\(5.2B\) Cisco NX OS 4.2\(1\)Sv2\(1.1\) Cisco NX OS 4.2\(1\)Sv2\(1.1A\) Cisco NX OS 4.2\(1\)Sv2\(2.1\) Cisco NX OS 4.2\(1\)Sv2\(2.1A\) Cisco NX OS 5.2\(1\)Sv3\(1.1\) Cisco NX OS 5.2\(1\)Sv3\(1.3\) Cisco NX OS 5.2\(1\)Sv3\(1.4\)	21
Hardware	Cisco Cisco Nexus 1000V -	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References