SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco NX-OS Vendors:   Cisco
Cisco NX-OS VLAN Processing Flaw Lets Remote Users on the Local Network Consume Excessive CPU Resources on the Target System
SecurityTracker Alert ID:  1033611
SecurityTracker URL:  http://securitytracker.com/id/1033611
CVE Reference:   CVE-2015-6295   (Links to External Site)
Date:  Sep 18 2015
Impact:   Denial of service via network
Vendor Confirmed:  Yes  
Version(s): Nexus 9000 Series; releases 6.1(2)I3(4) and 7.0(3)I1(1)
Description:   A vulnerability was reported in Cisco NX-OS. A remote user on the local network can consume excessive CPU resources on the target system.

A remote user on the local network can send Layer 2 packets tagged with a specially crafted Nexus 9000 Series Switch (N9K) reserved VLAN number to consume excessive CPU resources on the target system. As a result, the control plane may become unstable.

The packets may be incorrectly forwarded to the connected interfaces instead of being dropped by the target device.

The vendor has assigned bug ID CSCuw13560 to this vulnerability.

Impact:   A remote user on the local network can consume excessive CPU resources and cause the control plane to become unstable on the target system.
Solution:   No solution was available at the time of this entry.

The Cisco advisory is available at:

http://tools.cisco.com/security/center/viewAlert.x?alertId=40990

Vendor URL:  tools.cisco.com/security/center/viewAlert.x?alertId=40990 (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC