Details of VAR-201510-0704

ID

VAR-201510-0704

CVE

CVE-2015-4265

TITLE

Cisco Unified Computing System B Blade Server Service disruption in software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-005194

DESCRIPTION

Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C) bus, aka Bug ID CSCuq77241. Multiple Cisco UCS B-Series Blade Servers are prone to a local denial-of-service vulnerability. An attacker can exploit this issue to cause a disruption to the host, resulting in a denial of service (DoS) condition. This issue is being tracked by Cisco Bug ID CSCuq77241. Cisco UCS B-Series blade servers running Cisco UCS B-Series Blade Server Software prior to release 2.2.6 are vulnerable

Trust: 1.98

sources: NVD: CVE-2015-4265 // JVNDB: JVNDB-2015-005194 // BID: 77057 // VULHUB: VHN-82226

AFFECTED PRODUCTS

vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3e\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3f\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3b\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3c\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(5a\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3d\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3a\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(3g\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(2e\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(4b\)	Trust: 1.6
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1c\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1h\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1f\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1d\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1b\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1g\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(2d\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(1e\)	Trust: 1.0
vendor:	cisco	model:	ucs b-series blade server software	scope:	eq	version:	2.2\(2c\)	Trust: 1.0
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.6	Trust: 0.8
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	lt	version:	2.2.x	Trust: 0.8
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.6	Trust: 0.8
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.6	Trust: 0.8
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.6	Trust: 0.8
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	lt	version:	2.2.x	Trust: 0.8
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	lt	version:	2.2.x	Trust: 0.8
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.6	Trust: 0.8
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	lt	version:	2.2.x	Trust: 0.8
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	lt	version:	2.2.x	Trust: 0.8
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.5	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.4	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.3	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.2	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	ucs b460 m4 blade server	scope:	ne	version:	2.2.6	Trust: 0.3
vendor:	cisco	model:	ucs b420 m3 blade server	scope:	ne	version:	2.2.6	Trust: 0.3
vendor:	cisco	model:	ucs b260 m4 blade server	scope:	ne	version:	2.2.6	Trust: 0.3
vendor:	cisco	model:	ucs b22 m3 blade server	scope:	ne	version:	2.2.6	Trust: 0.3
vendor:	cisco	model:	ucs b200 m3 blade server	scope:	ne	version:	2.2.6	Trust: 0.3

sources: BID: 77057 // JVNDB: JVNDB-2015-005194 // CNNVD: CNNVD-201510-142 // NVD: CVE-2015-4265

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-4265
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-4265
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201510-142
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-82226
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-4265
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-82226
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-82226 // JVNDB: JVNDB-2015-005194 // CNNVD: CNNVD-201510-142 // NVD: CVE-2015-4265

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-82226 // JVNDB: JVNDB-2015-005194 // NVD: CVE-2015-4265

THREAT TYPE

local

Trust: 0.9

sources: BID: 77057 // CNNVD: CNNVD-201510-142

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201510-142

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005194

PATCH

title:

cisco-sa-20151006-ucs

url:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs

Trust: 0.8

sources: JVNDB: JVNDB-2015-005194

EXTERNAL IDS

db:	NVD	id:	CVE-2015-4265	Trust: 2.8
db:	SECTRACK	id:	1033752	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-005194	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-142	Trust: 0.7
db:	BID	id:	77057	Trust: 0.4
db:	VULHUB	id:	VHN-82226	Trust: 0.1

sources: VULHUB: VHN-82226 // BID: 77057 // JVNDB: JVNDB-2015-005194 // CNNVD: CNNVD-201510-142 // NVD: CVE-2015-4265

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151006-ucs	Trust: 2.0
url:	http://www.securitytracker.com/id/1033752	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4265	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4265	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-82226 // BID: 77057 // JVNDB: JVNDB-2015-005194 // CNNVD: CNNVD-201510-142 // NVD: CVE-2015-4265

CREDITS

Cisco

Trust: 0.3

sources: BID: 77057

SOURCES

db:	VULHUB	id:	VHN-82226
db:	BID	id:	77057
db:	JVNDB	id:	JVNDB-2015-005194
db:	CNNVD	id:	CNNVD-201510-142
db:	NVD	id:	CVE-2015-4265

LAST UPDATE DATE

2025-04-13T23:21:14.804000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-82226	date:	2016-12-08T00:00:00
db:	BID	id:	77057	date:	2015-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2015-005194	date:	2015-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201510-142	date:	2015-10-13T00:00:00
db:	NVD	id:	CVE-2015-4265	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-82226	date:	2015-10-12T00:00:00
db:	BID	id:	77057	date:	2015-10-06T00:00:00
db:	JVNDB	id:	JVNDB-2015-005194	date:	2015-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201510-142	date:	2015-10-13T00:00:00
db:	NVD	id:	CVE-2015-4265	date:	2015-10-12T10:59:03.117