CVE-2015-4324

Cisco NX-OS - Denial of Service via Malformed IGMPv3 Packet

Title source: llm
STIX 2.1

Description

Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033327
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/76372
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40470

Scores

EPSS 0.0112
EPSS Percentile 62.1%

Details

CWE
CWE-119
Status published
Products (3)
cisco/nx-os 7.3\(0\)zn\(0.81\)
cisco/nx-os 4.1\(2\)e1\(1c\)
cisco/nx-os 7.2\(0\)n1\(0.1\)
Published Aug 19, 2015
Tracked Since Feb 18, 2026