CVE-2015-4324

Published: Aug 19, 2015Modified: May 6, 2026

6.1

Vector

AV:A/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 6.5 / Impact: 6.9

Source: NVD

Description

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.

Affected (3)

Products: Cisco: Nx Os

Cisco

1 product

Nx Os

Configuration A

11 platform

Running on/with	Platform Versions
Cisco Nexus 3016	All versions
Cisco Nexus 3048	All versions
Cisco Nexus 3064	All versions
Cisco Nexus 31128pq	All versions
Cisco Nexus 3132q	All versions
Cisco Nexus 3164q	All versions
Cisco Nexus 3172	All versions
Cisco Nexus 3232c	All versions
Cisco Nexus 3264q	All versions
Cisco Nexus 3524	All versions
Cisco Nexus 3548	All versions

Configuration B

11 platform

Running on/with	Platform Versions
Cisco Nexus 93120tx	All versions
Cisco Nexus 93128tx	All versions
Cisco Nexus 9332pq	All versions
Cisco Nexus 9336pq Aci Spine	All versions
Cisco Nexus 9372px	All versions
Cisco Nexus 9372tx	All versions
Cisco Nexus 9396px	All versions
Cisco Nexus 9396tx	All versions
Cisco Nexus 9504	All versions
Cisco Nexus 9508	All versions
Cisco Nexus 9516	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Version 7.3(0)zn(0.81)

Running on/with	Platform Versions
Cisco Nexus 1000v	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Version 4.1(2)e1(1c)

Running on/with	Platform Versions
Cisco Nexus 4001i	All versions

Configuration E

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Cisco Nx Os	Version 7.2(0)n1(0.1)

Running on/with	Platform Versions
Cisco Nexus 7000	All versions
Cisco Nexus 7700	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

http://tools.cisco.com/security/center/viewAlert.x?alertId=40470

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/76372

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1033327

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/viewAlert.x?alertId=40470

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/76372

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1033327

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.