Denial of Service Vulnerability in Cisco Nexus 9000 ACI Mode Switches
CVE-2015-6398

7.5HIGH

Key Information:

Vendor: Zyxel
Status: Gs1900-10HP Firmware
Vendor: CVE Published:; 7 February 2016

What is CVE-2015-6398?

The Cisco Nexus 9000 Series ACI Mode switches are susceptible to a vulnerability that allows remote attackers to exploit an ICMP packet with the IP Record Route option. This can result in a denial of service by causing the device to reload unexpectedly. The vulnerability affects software versions prior to 11.0(1c) and poses a risk to the stability and availability of network services.

References

http://www.securitytracker.com/id/1034928

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2016
Vulnerability Reserved
Aug 17, 2015

Zyxel

What is CVE-2015-6398?

References

CVSS V3.1

Timeline