Details of VAR-201506-0167

ID

VAR-201506-0167

CVE

CVE-2015-0775

TITLE

plural Cisco Run on device Cisco NX-OS Service disruption in the implementation of banners (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-003075

DESCRIPTION

The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182. plural Cisco Run on device Cisco NX-OS Banner ( alias MOTD) Implementation of service disruption ( Reset the login process ) There are vulnerabilities that are put into a state. Vendors have confirmed this vulnerability Bug ID CSCuo10554 , CSCuu75466 , CSCuu75471 , CSCuu75484 , CSCuu75498 , CSCuu77170 ,and CSCuu77182 It is released as.By a third party TELNET Denial of service via unspecified terminal session request during session setup ( Reset the login process ) There is a possibility of being put into a state. A security hole exists in the banner implementation of Cisco Nexus and MDS's Cisco NX-OS. Cisco Nexus and Multilayer Director Switches are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service condition, denying service to legitimate users. This issue is being tracked by Cisco bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77182, and CSCuu77170

Trust: 2.52

sources: NVD: CVE-2015-0775 // JVNDB: JVNDB-2015-003075 // CNVD: CNVD-2015-03886 // BID: 75131 // VULHUB: VHN-78721

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-03886

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(2\)	Trust: 1.6
vendor:	cisco	model:	mds 9000 nx-os	scope:	eq	version:	6.2\(11\)	Trust: 1.6
vendor:	cisco	model:	nexus 1000v	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(12\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1f\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2\(0\)zn\(99.67\)	Trust: 1.6
vendor:	cisco	model:	mds nx-os software	scope:	eq	version:	90006.2(11)	Trust: 0.9
vendor:	cisco	model:	mds 9000 nx-os	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 1000v switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3016 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3048 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3064 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 31128pq switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3132q switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3164q switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3172 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3232c switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3264q switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3524 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 3548 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 4001i switch module for ibm bladecenter	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7000 series switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 7700 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 93120tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 93128tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9332pq switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9336pq aci spini switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9372px switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9372tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9396px switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9396tx switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9504 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9508 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nexus 9516 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1(2)e1(1f) (nexus 4000 series switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2(1)sv3(2.1) (nexus 1000v switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0(2)n2(2) (nexus 5000 series switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2(11) (mds 9000 series switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2(12) (nexus 7000 series switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0(3) (nexus 9000 series switch )	Trust: 0.8
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.2(0)zn(99.67) (nexus 3000 series switch )	Trust: 0.8
vendor:	cisco	model:	nexus switch 5.2 sv3 base	scope:	eq	version:	1000v	Trust: 0.6
vendor:	cisco	model:	nx-os for nexus series	scope:	eq	version:	90007.0(3)	Trust: 0.3
vendor:	cisco	model:	nx-os for nexus series	scope:	eq	version:	70006.2(12)	Trust: 0.3
vendor:	cisco	model:	nx-os for nexus series 6.0 n2	scope:	eq	version:	5000	Trust: 0.3
vendor:	cisco	model:	nx-os for nexus series 4.1 e1	scope:	eq	version:	4000	Trust: 0.3
vendor:	cisco	model:	nx-os for nexus series 7.2 zn	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	nexus switch 5.2 sv3	scope:	eq	version:	1000v	Trust: 0.3

sources: CNVD: CNVD-2015-03886 // BID: 75131 // JVNDB: JVNDB-2015-003075 // CNNVD: CNNVD-201506-240 // NVD: CVE-2015-0775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0775
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-0775
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2015-03886
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201506-240
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-78721
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-0775
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-03886
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-78721
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-03886 // VULHUB: VHN-78721 // JVNDB: JVNDB-2015-003075 // CNNVD: CNNVD-201506-240 // NVD: CVE-2015-0775

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-78721 // JVNDB: JVNDB-2015-003075 // NVD: CVE-2015-0775

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201506-240

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201506-240

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003075

PATCH

title:	39280	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=39280	Trust: 0.8
title:	Patch for Cisco Nexus and MDS NX-OS Denial of Service Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/59748	Trust: 0.6

sources: CNVD: CNVD-2015-03886 // JVNDB: JVNDB-2015-003075

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0775	Trust: 3.4
db:	SECTRACK	id:	1032561	Trust: 1.1
db:	SECTRACK	id:	1032562	Trust: 1.1
db:	BID	id:	75131	Trust: 1.0
db:	JVNDB	id:	JVNDB-2015-003075	Trust: 0.8
db:	CNNVD	id:	CNNVD-201506-240	Trust: 0.7
db:	CNVD	id:	CNVD-2015-03886	Trust: 0.6
db:	VULHUB	id:	VHN-78721	Trust: 0.1

sources: CNVD: CNVD-2015-03886 // VULHUB: VHN-78721 // BID: 75131 // JVNDB: JVNDB-2015-003075 // CNNVD: CNNVD-201506-240 // NVD: CVE-2015-0775

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39280	Trust: 2.6
url:	http://www.securitytracker.com/id/1032561	Trust: 1.1
url:	http://www.securitytracker.com/id/1032562	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0775	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0775	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2015-03886 // VULHUB: VHN-78721 // BID: 75131 // JVNDB: JVNDB-2015-003075 // CNNVD: CNNVD-201506-240 // NVD: CVE-2015-0775

CREDITS

Cisco

Trust: 0.3

sources: BID: 75131

SOURCES

db:	CNVD	id:	CNVD-2015-03886
db:	VULHUB	id:	VHN-78721
db:	BID	id:	75131
db:	JVNDB	id:	JVNDB-2015-003075
db:	CNNVD	id:	CNNVD-201506-240
db:	NVD	id:	CVE-2015-0775

LAST UPDATE DATE

2024-11-23T21:54:57.873000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2015-03886	date:	2015-06-19T00:00:00
db:	VULHUB	id:	VHN-78721	date:	2017-01-04T00:00:00
db:	BID	id:	75131	date:	2015-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-003075	date:	2015-06-16T00:00:00
db:	CNNVD	id:	CNNVD-201506-240	date:	2015-06-18T00:00:00
db:	NVD	id:	CVE-2015-0775	date:	2024-11-21T02:23:41.770

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2015-03886	date:	2015-06-19T00:00:00
db:	VULHUB	id:	VHN-78721	date:	2015-06-12T00:00:00
db:	BID	id:	75131	date:	2015-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-003075	date:	2015-06-16T00:00:00
db:	CNNVD	id:	CNNVD-201506-240	date:	2015-06-15T00:00:00
db:	NVD	id:	CVE-2015-0775	date:	2015-06-12T14:59:02.770