CVE-2015-6295 - Vulnerability Details - OpenCVE

Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Nexus 9000 Nexus 93120tx Nexus 93128tx Nexus 9332pq Nexus 9336pq Aci Spine Nexus 9372px Nexus 9372tx Nx-os

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:nx-os:6.1\(2\)i3\(4\):::::::*
	cpe:2.3:o:cisco:nx-os:7.0\(3\)i1\(1\):::::::*

OR	cpe:2.3:h:cisco:nexus_9000:-:::::::*
	cpe:2.3:h:cisco:nexus_93120tx:-:::::::*
	cpe:2.3:h:cisco:nexus_93128tx:-:::::::*
	cpe:2.3:h:cisco:nexus_9332pq:-:::::::*
	cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:::::::*
	cpe:2.3:h:cisco:nexus_9372px:-:::::::*
	cpe:2.3:h:cisco:nexus_9372tx:-:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/viewAlert.x?alertId=40990
http://www.securitytracker.com/id/1033611

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-09-20T14:00:00

Updated: 2024-08-06T07:15:13.326Z

Reserved: 2015-08-17T00:00:00

Link: CVE-2015-6295

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-09-20T14:59:03.850

Modified: 2024-11-21T02:34:43.340

Link: CVE-2015-6295

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-20T16:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"}, {"name": "1033611", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033611"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-6295", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"}, {"name": "1033611", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033611"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:15:13.326Z"}, "title": "CVE Program Container", "references": [{"name": "20150916 Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"}, {"name": "1033611", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033611"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-6295", "datePublished": "2015-09-20T14:00:00", "dateReserved": "2015-08-17T00:00:00", "dateUpdated": "2024-08-06T07:15:13.326Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:6.1\\(2\\)i3\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "0750C504-3D45-4ED7-9A0A-A8EEEEE426ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(3\\)i1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "58BC9769-F3CD-4047-8C86-8C09FB2AB0F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*", "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*", "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*", "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF", "vulnerable": false}, {"criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*", "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause a denial of service (CPU consumption or control-plane instability) or trigger unintended traffic forwarding via a Layer 2 packet with a reserved VLAN number, aka Bug ID CSCuw13560."}, {"lang": "es", "value": "Vulnerabilidad en Cisco NX-OS 6.1(2)I3(4) y 7.0(3)I1(1) en dispositivos Nexus 9000 (N9K), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU o inestabilidad en el plano de control) o desencadenar reenv\u00edos de tr\u00e1fico involuntarios a trav\u00e9s de un paquete de Layer 2 con un n\u00famero VLAN reservado, tambi\u00e9n conocida como Bug ID CSCuw13560."}], "id": "CVE-2015-6295", "lastModified": "2024-11-21T02:34:43.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-09-20T14:59:03.850", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033611"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40990"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033611"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}