CVE-2015-4277

Published: Aug 19, 2015Modified: May 6, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.

Affected (2)

Products: Cisco: Nx Os

Cisco

1 product

Nx Os

Configuration A

2 vulnerable · 11 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Version 5.1.3
Cisco Nx Os	Version 5.3.0

Running on/with	Platform Versions
Cisco Nexus 93120tx	All versions
Cisco Nexus 93128tx	All versions
Cisco Nexus 9332pq	All versions
Cisco Nexus 9336pq Aci Spine	All versions
Cisco Nexus 9372px	All versions
Cisco Nexus 9372tx	All versions
Cisco Nexus 9396px	All versions
Cisco Nexus 9396tx	All versions
Cisco Nexus 9504	All versions
Cisco Nexus 9508	All versions
Cisco Nexus 9516	All versions

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=39939

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1033259

Source: psirt@cisco.com

http://tools.cisco.com/security/center/viewAlert.x?alertId=39939

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1033259

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.