Vulnerability Details : CVE-2015-0775
The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2.1) on Nexus 1000V devices, 6.0(2)N2(2) on Nexus 5000 devices, 6.2(11) on MDS 9000 devices, 6.2(12) on Nexus 7000 devices, 7.0(3) on Nexus 9000 devices, and 7.2(0)ZN(99.67) on Nexus 3000 devices allows remote attackers to cause a denial of service (login process reset) via an unspecified terminal-session request during TELNET session setup, aka Bug IDs CSCuo10554, CSCuu75466, CSCuu75471, CSCuu75484, CSCuu75498, CSCuu77170, and CSCuu77182.
Vulnerability category: Denial of service
Products affected by CVE-2015-0775
- cpe:2.3:o:cisco:nx-os:6.0\(2\)n2\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:4.1\(2\)e1\(1f\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:7.2\(0\)zn\(99.67\):*:*:*:*:*:*:*When used together with: Cisco » Nexus 31128pq
- cpe:2.3:o:cisco:nx-os:6.2\(12\):*:*:*:*:*:*:*
- cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:mds_9000_nx-os:6.2\(11\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-0775
0.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 63 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-0775
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-0775
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-0775
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=39280
Cisco Nexus and Cisco Multilayer Director Switches MOTD Telnet Login Reset VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1032561
Cisco MDS Telnet Login Banner Bug Lets Remote Users Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1032562
Cisco NX-OS Telnet Login Banner Bug Lets Remote Users Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
Jump to