CVE-2015-0718

Published

6 years ago

Last Modified

5 years ago

CVSSv2.0 Severity

High

CVSSv3.1 Severity

High

Impact Analysis

Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload) by sending crafted TCP packets to a device that has a TIME_WAIT TCP session, aka Bug ID CSCub70579..

CVSSv2.0 Score

Severity: High
Base Score: 7.8/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 6.9/10
Confidentiality Impact: None
Availability Impact: Complete
Integrity Impact: None

CVSSv3.1 Score

Severity: High
Base Score: 7.5/10
Exploit Score: 3.9/10
Access Vector: Network
Access Complexity: Low
Privileges Required: None
Impact Score: 3.6/10
Confidentiality Impact: None
Availability Impact: High
Integrity Impact: None
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:cisco:unified_computing_system:2.2_1e:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_2c:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3y:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3e:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_2a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3q:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_1q:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.6_base:::::*:	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4f:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3i:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3l:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_2d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3c:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_4d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_2m:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_1x:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4i:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_1c:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4g:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_1m:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4l:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_1a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3b:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5f:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_1t:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_1j:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_1b:::::::	Yes	-	-
cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:::::	Yes	-	-
cpe:2.3:o:zyxel:gs1900-10hp_firmware::::::::	Yes	-	2.50$aazi.0$c0
cpe:2.3:a:cisco:unified_computing_system:1.5_base:::::*:	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3f:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_1f:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5b:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_2r:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_2q:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4k:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_4j:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3m:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_1i:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_2e:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_3d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_1e:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_1d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_4b:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.2_1d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_2d:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_2c:::::::	Yes	-	-
cpe:2.3:o:netgear:jr6150_firmware::::::::	Yes	-	2017-01-06
cpe:2.3:o:sun:opensolaris:snv_124::sparc:::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5e:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_5c:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_3b:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_3a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_1s:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3s:::::::	Yes	-	-
cpe:2.3:o:zzinc:keymouse_firmware:3.08:::::windows::	Yes	-	-
cpe:2.3:o:cisco:nx-os:base:::::::*	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.1_1b:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_4a:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_3c:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:2.0_1w:::::::	Yes	-	-
cpe:2.3:a:cisco:unified_computing_system:1.4_3u:::::::	Yes	-	-

References

Ready to dive in? Start your free trial today.

Companies of all sizes—from startups to Fortune 500s—use Mageni to scan their assets for vulnerabilities, reduce risk exposure and minimizing the likelihood of a data breach. Free for 7-days then $39 USD Monthly. No Contracts, Cancel at Anytime and 7-days Money-Back Guarantee.

Get Started For Free

CVE-2015-0718

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Ready to dive in? Start your free trial today.

Mageni makes easy to find, prioritize, and remediate the vulnerabilities

Internal and External Scans

Remediate

Secure your Applications

Comprehensive Coverage

Report and Analyze

More visibility

Prioritize

SSL Certificates

Simple and transparent pricing

Stop worrying about your budget or licenses limits

What's included

Why should I get a subscription now?

Frequently asked questions

Ready to get started? Start you 7-day free trial

Product

Customer Service

Company

Compliance

CVE-2015-0718

CVE information

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Ready to dive in? Start your free trial today.

Mageni makes easy to find, prioritize, and remediate the vulnerabilities

Internal and External Scans

Remediate

Secure your Applications

Comprehensive Coverage

Report and Analyze

More visibility

Prioritize

SSL Certificates

Simple and transparent pricing

Stop worrying about your budget or licenses limits

What's included

Why should I get a subscription now?

Frequently asked questions

Ready to get started? Start you 7-day free trial