CVE-2016-6457

MEDIUM

Cisco Nexus 9000 Series ACI Leaf Switches and APIC 11.2(2x)-12.0(1x) - Unauthenticated Denial of Service

Title source: llm
STIX 2.1

Description

A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9000 Series Leaf Switches (TOR) - ACI Mode and Cisco Application Policy Infrastructure Controller (APIC). More Information: CSCuy93241. Known Affected Releases: 11.2(2x) 11.2(3x) 11.3(1x) 11.3(2x) 12.0(1x). Known Fixed Releases: 11.2(2i) 11.2(2j) 11.2(3f) 11.2(3g) 11.2(3h) 11.2(3l) 11.3(0.236) 11.3(1j) 11.3(2i) 11.3(2j) 12.0(1r).

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94077
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037185

Scores

CVSS v3 6.5
EPSS 0.0072
EPSS Percentile 49.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-119
Status published
Products (21)
cisco/application_policy_infrastructure_controller 1.2\(2\)
cisco/application_policy_infrastructure_controller 1.2\(3\)
cisco/application_policy_infrastructure_controller 1.3\(1\)
cisco/application_policy_infrastructure_controller 1.3\(2\)
cisco/application_policy_infrastructure_controller 2.0\(1\)
cisco/nx-os 11.2\(2g\)
cisco/nx-os 11.2\(2h\)
cisco/nx-os 11.2\(2i\)
cisco/nx-os 11.2\(3c\)
cisco/nx-os 11.2\(3e\)
... and 11 more
Published Nov 19, 2016
Tracked Since Feb 18, 2026