CVE-2015-6260

Published Mar 3, 2016

Last updated 8 years ago

CVSS high 7.5

Overview

Description: Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21D9999F-C55E-4BAB-A401-007FB34B2A5E",
            "versionEndExcluding": "2.50\\(aazi.0\\)c0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References