Details of VAR-201610-0663

ID

VAR-201610-0663

CVE

CVE-2015-0721

TITLE

Cisco NX-OS Security Bypass Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2016-09440 // CNNVD: CNNVD-201610-086

DESCRIPTION

Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection negotiation, aka Bug IDs CSCum35502, CSCuw78669, CSCuw79754, and CSCux88492. plural Cisco Nexus Run on device Cisco NX-OS Is AAA The restrictions are circumvented, CLI There is a vulnerability that can gain access. Cisco NX-OS is a data center-oriented operating system from Cisco. A security bypass vulnerability exists in the SSH subsystem in Cisco NX-OS versions 4.0 through 7.3, which can be exploited by remote attackers to bypass AAA restrictions and execute commands on the device command line. Multiple Cisco Nexus Devices is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions and perform certain unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID's CSCum35502, CSCuw78669, CSCuw79754, CSCux88492. The vulnerability is caused by the program not properly handling parameters during SSH connection negotiation. The following products running Cisco NX-OS System Software are affected: Cisco Multilayer Director Switches, Nexus 1000V Series Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 4000 Series Switches, Nexus Series 5 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in NX-OS mode

Trust: 2.61

sources: NVD: CVE-2015-0721 // JVNDB: JVNDB-2015-007273 // CNVD: CNVD-2016-09440 // BID: 93410 // VULHUB: VHN-78667 // VULMON: CVE-2015-0721

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-09440

AFFECTED PRODUCTS

vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(3\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n2\(1c\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(2\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(2a\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(1a\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	11.0\(1c\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2b\)	Trust: 1.6
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(0\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv2\(1.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2.\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1i\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(8a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(8\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u4\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(7\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1g\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv2\(1.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv2\(2.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1e\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(9\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1g\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(6b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)sm1\(5.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv2\(2.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u5\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1h\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(3\)n1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1f\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i3\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1j\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)n2\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(1d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u2\(2d\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(1a\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(4a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n2\(1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1\(2\)e1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u4\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)sv1\(5.1a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(4a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	base	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(3a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.1.\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(6\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n2\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1e\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n2\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	11.0\(1b\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(4\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)n1\(1c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	7.0\(2\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(0\)n1\(2a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(1\)n1\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(10\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.0\(2\)u1\(3\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u5\(1h\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u3\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.2\(1\)n1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(2\)i2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.1\(3\)n2\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0\(4\)sv1\(3c\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.0\(3\)u1\(2\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.1\(1\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	5.2\(5\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	6.2\(8a\)	Trust: 1.0
vendor:	cisco	model:	nx-os	scope:	eq	version:	4.0 to 7.3	Trust: 0.8
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	1000v	Trust: 0.6
vendor:	cisco	model:	nexus series switche	scope:	eq	version:	3000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	4000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	5000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	6000	Trust: 0.6
vendor:	cisco	model:	nexus series switches in nx-os mode	scope:	eq	version:	9000	Trust: 0.6
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	7700	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5600	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	5500	Trust: 0.6
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	2000	Trust: 0.6
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	3500	Trust: 0.6
vendor:	cisco	model:	multilayer director switches	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	nx-os software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	nexus series switches in nx-os mode	scope:	eq	version:	90000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	77000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	60000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	56000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	50000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	40000	Trust: 0.3
vendor:	cisco	model:	nexus platform switches	scope:	eq	version:	35000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	nexus series fabric extenders	scope:	eq	version:	20000	Trust: 0.3
vendor:	cisco	model:	nexus series switches	scope:	eq	version:	1000v0	Trust: 0.3
vendor:	cisco	model:	multilayer director switches	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-09440 // BID: 93410 // JVNDB: JVNDB-2015-007273 // CNNVD: CNNVD-201610-086 // NVD: CVE-2015-0721

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-0721
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-0721
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-09440
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201610-086
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-78667
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-0721
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-0721
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2016-09440
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-78667
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2015-0721
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-09440 // VULHUB: VHN-78667 // VULMON: CVE-2015-0721 // JVNDB: JVNDB-2015-007273 // CNNVD: CNNVD-201610-086 // NVD: CVE-2015-0721

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-78667 // JVNDB: JVNDB-2015-007273 // NVD: CVE-2015-0721

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-086

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201610-086

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007273

PATCH

title:	cisco-sa-20161005-nxaaa	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-nxaaa	Trust: 0.8
title:	Cisco NX-OS Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/82463	Trust: 0.6
title:	Cisco NX-OS Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64514	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/cisco-warns-of-critical-flaws-in-nexus-switches/121164/	Trust: 0.1

sources: CNVD: CNVD-2016-09440 // VULMON: CVE-2015-0721 // JVNDB: JVNDB-2015-007273 // CNNVD: CNNVD-201610-086

EXTERNAL IDS

db:	NVD	id:	CVE-2015-0721	Trust: 3.5
db:	SECTRACK	id:	1036947	Trust: 2.4
db:	BID	id:	93410	Trust: 2.1
db:	JVNDB	id:	JVNDB-2015-007273	Trust: 0.8
db:	CNNVD	id:	CNNVD-201610-086	Trust: 0.7
db:	CNVD	id:	CNVD-2016-09440	Trust: 0.6
db:	VULHUB	id:	VHN-78667	Trust: 0.1
db:	VULMON	id:	CVE-2015-0721	Trust: 0.1

sources: CNVD: CNVD-2016-09440 // VULHUB: VHN-78667 // VULMON: CVE-2015-0721 // BID: 93410 // JVNDB: JVNDB-2015-007273 // CNNVD: CNNVD-201610-086 // NVD: CVE-2015-0721

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161005-nxaaa	Trust: 2.7
url:	http://www.securityfocus.com/bid/93410	Trust: 1.8
url:	http://securitytracker.com/id/1036947	Trust: 1.2
url:	http://www.securitytracker.com/id/1036947	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0721	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0721	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://www.rapid7.com/db/vulnerabilities/cisco-nx-os-cisco-sa-20161005-nxaaa	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/cisco-warns-of-critical-flaws-in-nexus-switches/121164/	Trust: 0.1

sources: CNVD: CNVD-2016-09440 // VULHUB: VHN-78667 // VULMON: CVE-2015-0721 // BID: 93410 // JVNDB: JVNDB-2015-007273 // CNNVD: CNNVD-201610-086 // NVD: CVE-2015-0721

CREDITS

Cisco.

Trust: 0.3

sources: BID: 93410

SOURCES

db:	CNVD	id:	CNVD-2016-09440
db:	VULHUB	id:	VHN-78667
db:	VULMON	id:	CVE-2015-0721
db:	BID	id:	93410
db:	JVNDB	id:	JVNDB-2015-007273
db:	CNNVD	id:	CNNVD-201610-086
db:	NVD	id:	CVE-2015-0721

LAST UPDATE DATE

2024-11-23T22:13:13.037000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-09440	date:	2016-10-19T00:00:00
db:	VULHUB	id:	VHN-78667	date:	2017-07-30T00:00:00
db:	VULMON	id:	CVE-2015-0721	date:	2017-07-30T00:00:00
db:	BID	id:	93410	date:	2016-10-10T03:03:00
db:	JVNDB	id:	JVNDB-2015-007273	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201610-086	date:	2016-10-10T00:00:00
db:	NVD	id:	CVE-2015-0721	date:	2024-11-21T02:23:35.893

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-09440	date:	2016-10-19T00:00:00
db:	VULHUB	id:	VHN-78667	date:	2016-10-06T00:00:00
db:	VULMON	id:	CVE-2015-0721	date:	2016-10-06T00:00:00
db:	BID	id:	93410	date:	2016-10-05T00:00:00
db:	JVNDB	id:	JVNDB-2015-007273	date:	2016-10-13T00:00:00
db:	CNNVD	id:	CNNVD-201610-086	date:	2016-10-10T00:00:00
db:	NVD	id:	CVE-2015-0721	date:	2016-10-06T10:59:00.210