1. Home
  2. CVE Database
  3. CVE-2015-4324
MEDIUM · 6.1

CVE-2015-4324

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus...

Vulnerability Description

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.

CVSS Score

6.1

MEDIUM

AV:A/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoNx-Os7.3\(0\)zn\(0.81\)
CiscoNexus 3016-
CiscoNexus 3048-
CiscoNexus 3064-
CiscoNexus 31128PqAll versions
CiscoNexus 3132Q-
CiscoNexus 3164Q-
CiscoNexus 3172-
CiscoNexus 3232C-
CiscoNexus 3264Q-
CiscoNexus 3524-
CiscoNexus 3548-
CiscoNexus 93120Tx-
CiscoNexus 93128Tx-
CiscoNexus 9332Pq-
CiscoNexus 9336Pq Aci Spine-
CiscoNexus 9372Px-
CiscoNexus 9372Tx-
CiscoNexus 9396Px-
CiscoNexus 9396Tx-

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2015-4324?

CVE-2015-4324 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus...

How severe is CVE-2015-4324?

CVE-2015-4324 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4324?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Nx-Os, Cisco Nexus 3016, Cisco Nexus 3048, Cisco Nexus 3064, Cisco Nexus 31128Pq.