Sign-up

ID

VAR-201603-0159


CVE

CVE-2015-6260


TITLE

plural Cisco Nexus Run on device Cisco NX-OS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-007000

DESCRIPTION

Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645. Cisco NX-OS is a data center level operating system

Trust: 2.25

sources: NVD: CVE-2015-6260 // JVNDB: JVNDB-2015-007000 // CNVD: CNVD-2016-01459 // VULHUB: VHN-84221

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-01459

AFFECTED PRODUCTS

vendor:zyxelmodel:gs1900-10hpscope:ltversion:2.50\(aazi.0\)c0

Trust: 1.0

vendor:ciscomodel:nx-osscope:eqversion:7.1(1)n1(1)

Trust: 0.8

vendor:ciscomodel:nx-os on nexus platform switches 7.1 n1scope:eqversion:5600

Trust: 0.6

vendor:ciscomodel:nx-os on nexus series switches 7.1 n1scope:eqversion:6000

Trust: 0.6

vendor:ciscomodel:nx-osscope:eqversion:7.1\\\(1\\\)n1\\\(1\\\)

Trust: 0.6

sources: CNVD: CNVD-2016-01459 // JVNDB: JVNDB-2015-007000 // CNNVD: CNNVD-201603-012 // NVD: CVE-2015-6260

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-6260
value: HIGH

Trust: 1.0

NVD: CVE-2015-6260
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-01459
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201603-012
value: HIGH

Trust: 0.6

VULHUB: VHN-84221
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-6260
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-01459
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-84221
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-6260
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2016-01459 // VULHUB: VHN-84221 // JVNDB: JVNDB-2015-007000 // CNNVD: CNNVD-201603-012 // NVD: CVE-2015-6260

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-84221 // JVNDB: JVNDB-2015-007000 // NVD: CVE-2015-6260

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201603-012

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201603-012

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-007000

PATCH
title:cisco-sa-20160302-n5ksnmpurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n5ksnmp
Trust: 0.8
title:Patch for Cisco NX-OSSoftware Denial of Service Vulnerability (CNVD-2016-01459)url:https://www.cnvd.org.cn/patchInfo/show/72207
Trust: 0.6
title:Cisco NX-OS Software SNMP Fixes for packet denial of service vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60377
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2016-01459 // 
            
            
            
            JVNDB: JVNDB-2015-007000 // 
            
            
            
            CNNVD: CNNVD-201603-012

EXTERNAL IDS
db:NVDid:CVE-2015-6260
Trust: 3.1
db:SECTRACKid:1035158
Trust: 1.1
db:JVNDBid:JVNDB-2015-007000
Trust: 0.8
db:CNNVDid:CNNVD-201603-012
Trust: 0.7
db:CNVDid:CNVD-2016-01459
Trust: 0.6
db:VULHUBid:VHN-84221
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01459 // 
            
            
            
            VULHUB: VHN-84221 // 
            
            
            
            JVNDB: JVNDB-2015-007000 // 
            
            
            
            CNNVD: CNNVD-201603-012 // 
            
            
            
            NVD: CVE-2015-6260

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160302-n5ksnmp
Trust: 2.3
url:http://www.securitytracker.com/id/1035158
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6260
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6260
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2016-01459 // 
            
            
            
            VULHUB: VHN-84221 // 
            
            
            
            JVNDB: JVNDB-2015-007000 // 
            
            
            
            CNNVD: CNNVD-201603-012 // 
            
            
            
            NVD: CVE-2015-6260

SOURCES
db:CNVDid:CNVD-2016-01459
db:VULHUBid:VHN-84221
db:JVNDBid:JVNDB-2015-007000
db:CNNVDid:CNNVD-201603-012
db:NVDid:CVE-2015-6260

LAST UPDATE DATE
2024-11-23T22:31:00.286000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-01459date:2016-03-08T00:00:00
db:VULHUBid:VHN-84221date:2016-12-03T00:00:00
db:JVNDBid:JVNDB-2015-007000date:2016-03-23T00:00:00
db:CNNVDid:CNNVD-201603-012date:2016-03-03T00:00:00
db:NVDid:CVE-2015-6260date:2024-11-21T02:34:39.633

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-01459date:2016-03-07T00:00:00
db:VULHUBid:VHN-84221date:2016-03-03T00:00:00
db:JVNDBid:JVNDB-2015-007000date:2016-03-23T00:00:00
db:CNNVDid:CNNVD-201603-012date:2016-03-03T00:00:00
db:NVDid:CVE-2015-6260date:2016-03-03T22:59:08.693