1. Home
  2. CVE Database
  3. CVE-2011-0355
HIGH · 7.8

CVE-2011-0355

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS u...

Vulnerability Description

Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
Cisco1000V Virtual Ethernet Module \(Vem\)4.0\(4\)
VmwareEsx4.0
VmwareEsxi4.0

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2011-0355?

CVE-2011-0355 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS u...

How severe is CVE-2011-0355?

CVE-2011-0355 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0355?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco 1000V Virtual Ethernet Module \(Vem\), Vmware Esx, Vmware Esxi.