CVE-2015-4197 — Improper Input Validation in Cisco Nx-os

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.1MEDIUMNVD

EPSS

0.6%

top 29.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Nx-os

Timeline

PublishedJun 20

Latest updateMay 17

Description

Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/nx-os5.2\(5\)

🔴Vulnerability Details

GHSA

GHSA-2g6h-x254-rxr5: Cisco NX-OS 5↗2022-05-17

▶

CVEList

CVE-2015-4197: Cisco NX-OS 5↗2015-06-20

▶

📋Vendor Advisories

Cisco

Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability↗2015-06-19

▶