Cisco Nexus 1000v Application Virtual Switch (AVS) devices before 5.2(1)SV3(1.5i) allow remote attackers to cause a denial of service (ESXi hypervisor crash and purple screen) via a crafted Cisco Discovery Protocol packet that triggers an out-of-bounds memory access, aka Bug ID CSCuw57985.
2016-07-28T01:59:44.853
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 6.5 (MEDIUM)
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.5
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(1\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(2\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(3\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(3a\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(3b\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(3c\) | Yes |
| Operating System | cisco | nx-os | 4.0\(4\)sv1\(3d\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(4\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(4a\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(4b\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(5.1\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(5.1a\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(5.2\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv1\(5.2b\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv2\(1.1\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv2\(1.1a\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv2\(2.1\) | Yes |
| Operating System | cisco | nx-os | 4.2\(1\)sv2\(2.1a\) | Yes |
| Operating System | cisco | nx-os | 5.2\(1\)sv3\(1.1\) | Yes |
| Operating System | cisco | nx-os | 5.2\(1\)sv3\(1.3\) | Yes |
| Operating System | cisco | nx-os | 5.2\(1\)sv3\(1.4\) | Yes |
| Hardware | cisco | nexus_1000v | - | No |