Boletines de Vulnerabilidades

Cisco Nexus 9000 Series Switches Reserved VLAN Number Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the handling of incoming Layer 2 packets tagged with a Cisco Nexus 9000 Series Switch (N9K) reserved VLAN number could allow an unauthenticated, adjacent attacker to cause a partial denial of service (DoS) condition due to increased CPU utilization and possible control plane instability. In addition, Layer 2 packets, which should be dropped by the switch, may be incorrectly forwarded to the connected interfaces.The vulnerability is due to lack of validation of the VLAN number

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150916-CVE-2015-6295?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Switches%20Reserved%20VLAN%20Number%

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-10-08

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT