CiscoCISCO-SA-20150916-CVE-2015-6295Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%
A vulnerability in the handling of incoming Layer 2 packets tagged with a Cisco Nexus 9000 Series Switch (N9K) reserved VLAN number could allow an unauthenticated, adjacent attacker to cause a partial denial of service (DoS) condition due to increased CPU utilization and possible control plane instability. In addition, Layer 2 packets, which should be dropped by the switch, may be incorrectly forwarded to the connected interfaces.
The vulnerability is due to lack of validation of the VLAN number in the Layer 2 packet. An attacker could exploit this vulnerability by sending a crafted Layer 2 packet tagged with an N9K reserved VLAN number. An exploit could allow the attacker to cause a partial DoS condition due to increased CPU utilization and possible control plane instability. In addition, this packet should be dropped by the N9K, but could be forwarded to the attached networks.
Cisco has confirmed the vulnerability; however, updates are not available.
To exploit the vulnerability, an unauthenticated attacker would need access to the local network. This restriction reduces the potential for exploitation.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco nx-os software | eq | 6.1(2)I3 | |
| cisco nx-os software | eq | 7.0(3)I1 | |
| cisco nx-os software | eq | 6.1(2)I3(4) | |
| cisco nx-os software | eq | 7.0(3)I1(1) |
Related
4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:N/A:P
0.001 Low
EPSS
Percentile
44.7%