← Back

CVE-2015-4323

nvd nist
Published: Aug 19, 2015Modified: May 6, 2026

JSON object

Loading...
6.1
Vector
AV:A/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 6.5 / Impact: 6.9
Source: NVD

Description

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 devices 6.0(2)U5(1.41), 7.0(3)I2(0.373), and 7.3(0)ZN(0.83); Nexus 4000 devices 4.1(2)E1(1b); Nexus 7000 devices 6.2(14)S1; Nexus 9000 devices 7.3(0)ZN(0.9); and MDS 9000 devices 6.2 (13) and 7.1(0)ZN(91.99) and MDS SAN-OS 7.1(0)ZN(91.99) allows remote attackers to cause a denial of service (device outage) via a crafted ARP packet, related to incorrect MTU validation, aka Bug IDs CSCuv71933, CSCuv61341, CSCuv61321, CSCuu78074, CSCut37060, CSCuv61266, CSCuv61351, CSCuv61358, and CSCuv61366.

Affected (8)

Cisco
2 products
Nx Os
Mds 9000 Nx Os
Configuration A
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 6.2(14)s1
Running on/withPlatform Versions
Cisco
Nexus 7000
All versions
Cisco
Nexus 7700
All versions
Configuration B
3 vulnerable · 11 platform
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Version 6.0(2)u5(1.41)
Nx Os
Version 7.0(3)i2(0.373)
Nx Os
Version 7.3(0)zn(0.83)
Running on/withPlatform Versions
Cisco
Nexus 3016
All versions
Cisco
Nexus 3048
All versions
Cisco
Nexus 3064
All versions
Cisco
Nexus 31128pq
All versions
Cisco
Nexus 3132q
All versions
Cisco
Nexus 3164q
All versions
Cisco
Nexus 3172
All versions
Cisco
Nexus 3232c
All versions
Cisco
Nexus 3264q
All versions
Cisco
Nexus 3524
All versions
Cisco
Nexus 3548
All versions
Configuration C
11 platform
Running on/withPlatform Versions
Cisco
Nexus 93120tx
All versions
Cisco
Nexus 93128tx
All versions
Cisco
Nexus 9332pq
All versions
Cisco
Nexus 9336pq Aci Spine
All versions
Cisco
Nexus 9372px
All versions
Cisco
Nexus 9372tx
All versions
Cisco
Nexus 9396px
All versions
Cisco
Nexus 9396tx
All versions
Cisco
Nexus 9504
All versions
Cisco
Nexus 9508
All versions
Cisco
Nexus 9516
All versions
Configuration D
2 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Mds 9000 Nx Os
Version 6.2(13)
Mds 9000 Nx Os
Version 7.1(0)zn(91.99)
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 7.3(0)zn(0.9)
Running on/withPlatform Versions
Cisco
Nexus 1000v
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Nx Os
Version 4.1(2)e1(1b)
Running on/withPlatform Versions
Cisco
Nexus 4001i
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.