CVE-2015-4324 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Nx-os

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.8%
top 25.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedAug 19
Latest updateMay 17

Description

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.

CVSS vector

AV:A/AC:L/C:N/I:N/A:CExploitability: 6.5 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/nx-os4.1\(2\)e1\(1c\), 7.2\(0\)n1\(0.1\), 7.3\(0\)zn\(0.81\)+2

🔴Vulnerability Details

2
GHSA
GHSA-4mmx-4w74-g4x8: Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7↗2022-05-17
â–¶
CVEList
CVE-2015-4324: Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7↗2015-08-19
â–¶

📋Vendor Advisories

1
Cisco
Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability↗2015-08-17
â–¶
CVE-2015-4324 — Cisco Nx-os vulnerability | cvebase