cvelistv5 - cve-2015-6377

CVE-2015-6377 (GCVE-0-2015-6377)

Vulnerability from cvelistv5

Published

2015-11-24 02:00

Modified

2024-08-06 07:22

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2015-6377

Vulnerability from fkie_nvd

Published

2015-11-24 04:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts	Vendor Advisory

Impacted products

	Vendor	Product	Version
	cisco	virtual_topology_system	2.0\(0\)
	cisco	virtual_topology_system	2.0\(1\)

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:virtual_topology_system:2.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "20E5B470-31F8-4FE8-868B-A74DB7B830FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:virtual_topology_system:2.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6C4B5F43-92FF-46C0-9554-6AA2C086C032",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379."
    },
    {
      "lang": "es",
      "value": "Cisco Virtual Topology System (VTS) 2.0(0) y 2.0(1) permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU y memoria e interrupci\u00f3n de puerto TCP) a trav\u00e9s de una inundaci\u00f3n de paquetes TCP manipulados, tambi\u00e9n conocido como Bug ID CSCux13379."
    }
  ],
  "id": "CVE-2015-6377",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-11-24T04:59:00.177",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2015-6377

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2015-6377

Aliases

CVE-2015-6377

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6377",
    "description": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.",
    "id": "GSD-2015-6377"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6377"
      ],
      "details": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.",
      "id": "GSD-2015-6377",
      "modified": "2023-12-13T01:20:04.320708Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6377",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20151123 Cisco Virtual Topology System TCP Connection Functionality Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:2.0\\(0\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:2.0\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6377"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20151123 Cisco Virtual Topology System TCP Connection Functionality Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-11-24T16:57Z",
      "publishedDate": "2015-11-24T04:59Z"
    }
  }
}

CERTFR-2015-AVI-501

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans Cisco Virtual Topology System. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Cisco	N/A	Cisco Virtual Topology System version 2.0(0)
	Cisco	N/A	Cisco Virtual Topology System version 2.0(1)

References

Title

Publication Time

Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379. Cisco Virtual Topology System is prone to a denial-of-service vulnerability. An attacker can exploit this issue to consume CPU resources and cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCux13379. Cisco Virtual Topology System (VTS) is an open source and scalable SDN framework for data center virtual network configuration and management developed by Cisco

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201511-0229",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "virtual topology system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.0\\(1\\)"
      },
      {
        "model": "virtual topology system",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.0\\(0\\)"
      },
      {
        "model": "virtual topology system",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "2.0(1)"
      },
      {
        "model": "virtual topology system",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "2.0(0)"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "77687"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:virtual_topology_system",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "77687"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-6377",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-6377",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-84338",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-6377",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6377",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201511-409",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84338",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-6377",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379. Cisco Virtual Topology System is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to consume CPU resources and cause a denial-of-service condition. \nThis issue is being tracked by Cisco Bug ID CSCux13379. Cisco Virtual Topology System (VTS) is an open source and scalable SDN framework for data center virtual network configuration and management developed by Cisco",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "BID",
        "id": "77687"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6377",
        "trust": 2.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "77687",
        "trust": 0.5
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-89947",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-84338",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "db": "BID",
        "id": "77687"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "id": "VAR-201511-0229",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:27:04.363000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20151123-vts",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
      },
      {
        "title": "Cisco Virtual Topology System Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58845"
      },
      {
        "title": "Cisco: Cisco Virtual Topology System TCP Connection Functionality Denial of Service Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151123-vts"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.2,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151123-vts"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6377"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6377"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/399.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/77687"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "db": "BID",
        "id": "77687"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "db": "BID",
        "id": "77687"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "date": "2015-11-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "date": "2015-11-23T00:00:00",
        "db": "BID",
        "id": "77687"
      },
      {
        "date": "2015-11-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "date": "2015-11-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "date": "2015-11-24T04:59:00.177000",
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-11-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84338"
      },
      {
        "date": "2015-11-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6377"
      },
      {
        "date": "2015-11-23T00:00:00",
        "db": "BID",
        "id": "77687"
      },
      {
        "date": "2015-11-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      },
      {
        "date": "2015-11-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      },
      {
        "date": "2024-11-21T02:34:53.217000",
        "db": "NVD",
        "id": "CVE-2015-6377"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Virtual Topology System Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006010"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201511-409"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2015-07807

Vulnerability from cnvd

Title

Cisco Virtual Topology System拒绝服务漏洞

Description

Cisco Virtual Topology System（VTS）是美国思科（Cisco）公司的一套基于标准的、开放的用于虚拟和物理基础设施的自动化数据中心网络结构配置的管理和供应系统。 Cisco VTS 2.0(0)版本和2.0(1)版本中存在安全漏洞。远程攻击者可通过发送大量特制的TCP数据包利用该漏洞造成拒绝服务（CPU和内存消耗，TCP端口中断）。

Severity

高

Patch Name

Cisco Virtual Topology System拒绝服务漏洞的补丁

Patch Description

Cisco Virtual Topology System（VTS）是美国思科（Cisco）公司的一套基于标准的、开放的用于虚拟和物理基础设施的自动化数据中心网络结构配置的管理和供应系统。Cisco VTS 2.0(0)版本和2.0(1)版本中存在安全漏洞。远程攻击者可通过发送大量特制的TCP数据包利用该漏洞造成拒绝服务（CPU和内存消耗，TCP端口中断）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts

Impacted products

Name
['Cisco Virtual Topology System (VTS) 2.0(0)', 'Cisco Virtual Topology System (VTS) 2.0(1)']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6377"
    }
  },
  "description": "Cisco Virtual Topology System\uff08VTS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u6807\u51c6\u7684\u3001\u5f00\u653e\u7684\u7528\u4e8e\u865a\u62df\u548c\u7269\u7406\u57fa\u7840\u8bbe\u65bd\u7684\u81ea\u52a8\u5316\u6570\u636e\u4e2d\u5fc3\u7f51\u7edc\u7ed3\u6784\u914d\u7f6e\u7684\u7ba1\u7406\u548c\u4f9b\u5e94\u7cfb\u7edf\u3002\r\n\r\nCisco VTS 2.0(0)\u7248\u672c\u548c2.0(1)\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u5927\u91cf\u7279\u5236\u7684TCP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08CPU\u548c\u5185\u5b58\u6d88\u8017\uff0cTCP\u7aef\u53e3\u4e2d\u65ad\uff09\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07807",
  "openTime": "2015-11-27",
  "patchDescription": "Cisco Virtual Topology System\uff08VTS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8e\u6807\u51c6\u7684\u3001\u5f00\u653e\u7684\u7528\u4e8e\u865a\u62df\u548c\u7269\u7406\u57fa\u7840\u8bbe\u65bd\u7684\u81ea\u52a8\u5316\u6570\u636e\u4e2d\u5fc3\u7f51\u7edc\u7ed3\u6784\u914d\u7f6e\u7684\u7ba1\u7406\u548c\u4f9b\u5e94\u7cfb\u7edf\u3002Cisco VTS 2.0(0)\u7248\u672c\u548c2.0(1)\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u5927\u91cf\u7279\u5236\u7684TCP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08CPU\u548c\u5185\u5b58\u6d88\u8017\uff0cTCP\u7aef\u53e3\u4e2d\u65ad\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Virtual Topology System\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Virtual Topology System (VTS) 2.0(0)",
      "Cisco Virtual Topology System (VTS) 2.0(1)"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts",
  "serverity": "\u9ad8",
  "submitTime": "2015-11-26",
  "title": "Cisco Virtual Topology System\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

ghsa-f84m-wg53-4c32

Vulnerability from github

Published

2022-05-17 04:01

Modified

2022-05-17 04:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6377"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-24T04:59:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bug ID CSCux13379.",
  "id": "GHSA-f84m-wg53-4c32",
  "modified": "2022-05-17T04:01:46Z",
  "published": "2022-05-17T04:01:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6377"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-vts"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2015-6377 (GCVE-0-2015-6377)

Vulnerability from cvelistv5

fkie_cve-2015-6377

Vulnerability from fkie_nvd

gsd-2015-6377

Vulnerability from gsd

CERTFR-2015-AVI-501

Vulnerability from certfr_avis

Solution

var-201511-0229

Vulnerability from variot

cnvd-2015-07807

Vulnerability from cnvd

ghsa-f84m-wg53-4c32

Vulnerability from github

Tags

Sightings

Nomenclature