CVE-2015-6277

The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexus 3000 devices 7.3(0)ZD(0.47), Nexus 4000 devices 4.1(2)E1, Nexus 9000 devices 7.3(0)ZD(0.61), and MDS 9000 devices 7.0(0)HSK(0.353) and SAN-OS NX-OS on MDS 9000 devices 7.0(0)HSK(0.353) allows remote attackers to cause a denial of service (ARP process restart) via crafted packet-header fields, aka Bug ID CSCut25292.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
cisconx-os
7.3\(0\)zd\(0.47\)
cisconx-os
4.1\(2\)e1
cisconx-os
7.0\(0\)hsk\(0.353\)
ciscosan-os
7.0\(0\)hsk\(0.353\)
ciscomds_9000
-
cisconx-os
7.3\(0\)zd\(0.61\)
cisco1000v
5.2\(1\)sv3\(1.4\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=40748
http://www.securitytracker.com/id/1033443
http://tools.cisco.com/security/center/viewAlert.x?alertId=40748
http://www.securitytracker.com/id/1033443