vulnerability

Cisco NX-OS: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability (CVE-2015-6392)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	Oct 5, 2016	Jan 5, 2017	Mar 6, 2023

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Oct 5, 2016

Added

Jan 5, 2017

Modified

Mar 6, 2023

Description

Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via crafted IPv4 DHCP packets to the (1) DHCPv4 relay agent or (2) smart relay agent, aka Bug IDs CSCuq24603, CSCur93159, CSCus21693, and CSCut76171.

Solution

update-nxos

References

BID-93406
CVE-2015-6392
https://attackerkb.com/topics/CVE-2015-6392
DISA_SEVERITY-Category I
IAVM-2016-A-0274
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today