Vulnerabilites related to cisco - san-os
Vulnerability from fkie_nvd
Published
2015-09-02 16:59
Modified
2024-11-21 02:34
Severity ?
Summary
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zd\\(0.47\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2036380D-7658-40AE-B645-026A220E4BBE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10FFC5E8-CC5A-4D31-A63A-19E72EC442AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:4.1\\(2\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9BBDB0-666C-4692-9C56-8CA45DF58D2C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "872CEEED-5FAC-4AEF-AAEC-8B44C8C65E35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.0\\(0\\)hsk\\(0.353\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB1B7730-A25C-4634-B3E7-20B1B7D6B77B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:san-os:7.0\\(0\\)hsk\\(0.353\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DD13F608-3FA9-49DD-91D7-C73F7DD51FF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:mds_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD00AB9-F2DD-4D07-8DFF-E7B34824D66A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nx-os:7.3\\(0\\)zd\\(0.61\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D25D743D-FBCA-4A10-924A-DBD75F7FE171",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nexus_9000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EBEBA5B-5589-417B-BF3B-976083E9FE54",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:1000v:5.2\\(1\\)sv3\\(1.4\\):-:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "515D71CA-4102-4F45-829D-91791A1B0CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
},
{
"lang": "es",
"value": "Vulnerabilidad en la implementaci\u00f3n ARP en Cisco NX-OS en dispositivos Nexus 1000V para VMware vSphere 5.2(1)SV3(1.4), dispositivos Nexus 3000 7.3(0)ZD(0.47), dispositivos Nexus 4000 4.1(2)E1, dispositivos Nexus 9000 7.3(0)ZD(0.61), y dispositivos MDS 9000 7.0(0)HSK(0.353) y SAN-OS NX-OS en dispositivos MDS 9000 7.0(0)HSK(0.353), permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del proceso ARP) a trav\u00e9s de campos de cabecera de paquetes manipulados, tambi\u00e9n conocida como Bug ID CSCut25292."
}
],
"id": "CVE-2015-6277",
"lastModified": "2024-11-21T02:34:41.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-02T16:59:03.907",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1033443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033443"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2015-6277
Vulnerability from cvelistv5
Published
2015-09-02 16:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033443 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40748 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033443",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033443"
},
{
"name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-19T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1033443",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033443"
},
{
"name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033443",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033443"
},
{
"name": "20150901 Cisco NX-OS Malformed ARP Header Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6277",
"datePublished": "2015-09-02T16:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201509-0285
Vulnerability from variot
The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292. Vendors have confirmed this vulnerability Bug ID CSCut25292 It is released as.Denial of service via a crafted packet header field by a third party (ARP Process restart ) There is a possibility of being put into a state. Cisco NX-OS software is a data center-level operating system that reflects modular design, resiliency, and maintainability. A security vulnerability exists in the Cisco NX-OS. The attacker is allowed to submit a special ARP packet to restart the target ARP service. This issue is being tracked by Cisco Bug IDs CSCut25292, CSCuw02034, CSCuw02035, CSCuw02037, and CSCuw02038. are all products of Cisco (Cisco). Cisco Nexus 1000V Switch is a virtual switch product running on the virtual machine platform (VMware vSphere), 3000, 4000, 7000 and 9000 series switches. Cisco MDS SAN-OS Software is an operating system running on fiber optic switches. The following products and versions are affected: Cisco MDS 9000 NX-OS and SAN-OS Software running Cisco NX-OS 7.0(0)HSK(0.353), Cisco NX-OS 5.2(1)SV3(1.4) Nexus 1000V Switches for VMware vSphere, Cisco Nexus 3000 Series Switches running Cisco NX-OS Release 7.3(0)ZD(0.47), Cisco Nexus 9000 Series Switches running Cisco NX-OS Release 7.3(0)ZD(0.61), running Cisco Nexus 4000 Series Switches with Cisco NX-OS 4.1(2)E1 release
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0285",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3\\(0\\)zd\\(0.61\\)"
},
{
"model": "san-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(0\\)hsk\\(0.353\\)"
},
{
"model": "1000v",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2\\(1\\)sv3\\(1.4\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(0\\)hsk\\(0.353\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.3\\(0\\)zd\\(0.47\\)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.1\\(2\\)e1"
},
{
"model": "mds 9000",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "mds 9000 nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0 (0)hsk(0.353)"
},
{
"model": "mds san-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0 (0)hsk(0.353)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "4.1(2)e1(1c) (cisco nexus 4000 series )"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.2(1)sv3(1.4) (cisco nexus 1000v switch for vmware vsphere)"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.3(0)zd(0.47) (cisco nexus 3000 series )"
},
{
"model": "nx-os",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.3(0)zd(0.61) (cisco nexus 9000 series )"
},
{
"model": "nexus 4.1 e1",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4000"
},
{
"model": "nexus 7.3 zd",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "mds 7.0 hsk",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "san-os nx-os on mds devices 7.0 hsk",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9000"
},
{
"model": "nexus 7.3 zd",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "nx-os on nexus devices for vmware vsphere 5.2 sv3",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "nexus switch for vmware vsphere 5.2 sv3",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "nexus switch for nexus series 7.3 zd",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v9000"
},
{
"model": "nexus switch for nexus series 4.1 e1",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v4000"
},
{
"model": "nexus switch for nexus series 7.3 zd",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1000v3000"
},
{
"model": "mds san-os software hsk",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "mds nx-os software 7.0 hsk",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9000"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "BID",
"id": "76548"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:mds_9000_nx-os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:san-os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:nx-os",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "76548"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6277",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2015-6277",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.1,
"id": "CNVD-2015-05865",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "VHN-84238",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6277",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6277",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-05865",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-016",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-84238",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "VULHUB",
"id": "VHN-84238"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292. Vendors have confirmed this vulnerability Bug ID CSCut25292 It is released as.Denial of service via a crafted packet header field by a third party (ARP Process restart ) There is a possibility of being put into a state. Cisco NX-OS software is a data center-level operating system that reflects modular design, resiliency, and maintainability. A security vulnerability exists in the Cisco NX-OS. The attacker is allowed to submit a special ARP packet to restart the target ARP service. \nThis issue is being tracked by Cisco Bug IDs CSCut25292, CSCuw02034, CSCuw02035, CSCuw02037, and CSCuw02038. are all products of Cisco (Cisco). Cisco Nexus 1000V Switch is a virtual switch product running on the virtual machine platform (VMware vSphere), 3000, 4000, 7000 and 9000 series switches. Cisco MDS SAN-OS Software is an operating system running on fiber optic switches. The following products and versions are affected: Cisco MDS 9000 NX-OS and SAN-OS Software running Cisco NX-OS 7.0(0)HSK(0.353), Cisco NX-OS 5.2(1)SV3(1.4) Nexus 1000V Switches for VMware vSphere, Cisco Nexus 3000 Series Switches running Cisco NX-OS Release 7.3(0)ZD(0.47), Cisco Nexus 9000 Series Switches running Cisco NX-OS Release 7.3(0)ZD(0.61), running Cisco Nexus 4000 Series Switches with Cisco NX-OS 4.1(2)E1 release",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6277"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "BID",
"id": "76548"
},
{
"db": "VULHUB",
"id": "VHN-84238"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6277",
"trust": 3.4
},
{
"db": "SECTRACK",
"id": "1033443",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-05865",
"trust": 0.6
},
{
"db": "BID",
"id": "76548",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-84238",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "VULHUB",
"id": "VHN-84238"
},
{
"db": "BID",
"id": "76548"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"id": "VAR-201509-0285",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "VULHUB",
"id": "VHN-84238"
}
],
"trust": 1.5958333333333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
}
]
},
"last_update_date": "2024-11-23T22:01:42.429000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "40748",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40748"
},
{
"title": "Patch for Cisco NX-OS ARP Service Restart Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/63608"
},
{
"title": "Cisco NX-OS Address Resolution Protocol Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61037"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84238"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=40748"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1033443"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6277"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6277"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "VULHUB",
"id": "VHN-84238"
},
{
"db": "BID",
"id": "76548"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"db": "VULHUB",
"id": "VHN-84238"
},
{
"db": "BID",
"id": "76548"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"date": "2015-09-02T00:00:00",
"db": "VULHUB",
"id": "VHN-84238"
},
{
"date": "2015-09-01T00:00:00",
"db": "BID",
"id": "76548"
},
{
"date": "2015-09-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"date": "2015-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"date": "2015-09-02T16:59:03.907000",
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05865"
},
{
"date": "2017-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-84238"
},
{
"date": "2015-09-01T00:00:00",
"db": "BID",
"id": "76548"
},
{
"date": "2015-09-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004562"
},
{
"date": "2015-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-016"
},
{
"date": "2024-11-21T02:34:41.370000",
"db": "NVD",
"id": "CVE-2015-6277"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Nexus Run on device Cisco NX-OS and MDS SAN-OS of ARP Service disruption in implementations (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004562"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-016"
}
],
"trust": 0.6
}
}