The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 improperly closes vty sessions after a commit/end operation, which allows local users to cause a denial of service (tmp/*config file creation, memory consumption, and device hang) via unspecified vectors, aka Bug ID CSCut93842.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=39939 - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1033259 - |
Information
Published : 2015-08-19 18:59
Updated : 2024-11-21 02:30
NVD link : CVE-2015-4277
Mitre link : CVE-2015-4277
CVE.ORG link : CVE-2015-4277
JSON object : View
Products Affected
cisco
- nexus_93128tx
- nexus_93120tx
- nexus_9372tx
- nexus_9508
- nexus_9372px
- nx-os
- nexus_9504
- nexus_9332pq
- nexus_9336pq_aci_spine
- nexus_9396tx
- nexus_9396px
- nexus_9516
CWE
CWE-399
Resource Management Errors