CVE-2015-6260Improper Input Validation in Zyxel Gs1900-10hp Firmware

CWE-20Improper Input Validation4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 41.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Zyxel Gs1900-10hp Firmware
Timeline
PublishedMar 3
Latest updateMay 17

Description

Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDzyxel/gs1900-10hp_firmware< 2.50\(aazi.0\)c0

🔴Vulnerability Details

2
GHSA
GHSA-3x3w-ffg6-mp27: Cisco NX-OS 72022-05-17
CVEList
CVE-2015-6260: Cisco NX-OS 72016-03-03

📋Vendor Advisories

1
Cisco
Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability2016-03-03
CVE-2015-6260 — Improper Input Validation in Zyxel | cvebase